当前位置:网站首页>ctfshow-web354(SSRF)
ctfshow-web354(SSRF)
2022-07-01 06:56:00 【m0_ sixty-two million ninety-four thousand eight hundred and fo】
<?php
error_reporting(0);
highlight_file(__FILE__);
$url=$_POST['url'];
$x=parse_url($url);
if($x['scheme']==='http'||$x['scheme']==='https'){
if(!preg_match('/localhost|1|0|./i', $url)){
$ch=curl_init($url);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$result=curl_exec($ch);
curl_close($ch);
echo ($result);
}
else{
die('hacker');
}
}
else{
die('hacker');
}
?>Law 1 :
sudo.cc amount to 127.0.0.1
url=http://sudo.cc/flag.php Law two :
Change the local domain name A It was recorded that 127.0.0.1 On , And then visit http:// domain name /flag.php that will do ( You can also set up on your own domain name server 302 Jump )
边栏推荐
- [matlab] solve nonlinear programming
- Router 6/ 以及和Router5 的区别
- 8 figures | analyze Eureka's first synchronization registry
- Draw a directed graph based on input
- Software engineering review
- SQL language learning record I
- Database objects: view learning records
- 问题:OfficeException: failed to start and connect(二)
- 【电气介数】电气介数及考虑HVDC和FACTS元件的电气介数计算
- [wechat applet] to solve button, input and image components
猜你喜欢
【推荐技术】基于协同过滤的网络信息推荐技术matlab仿真
比赛即实战!中国软件杯发布全新产业创新赛项,校企可联合参赛
On whether variables are thread safe
![[matlab] solve nonlinear programming](/img/2e/7a1f520b602b7539be479efb198f6a.png)
[matlab] solve nonlinear programming
2022 年江苏省职业院校技能大赛(中职) 网络搭建与应用赛项公开赛卷
(上)苹果有开源,但又怎样呢?
Product learning (II) - competitive product analysis
Some pits designed by NOC
Code practice - build your own diffusion models / score based generic models from scratch
ESP32 ESP-IDF ADC监测电池电压(带校正)
随机推荐
AI视频智能平台EasyCVR设备录像出现无法播放现象的问题修复
转行做产品经理,如何挑选产品经理课程?
问题:OfficeException: failed to start and connect(三)
[wechat applet low code development] second, resolve the code composition of the applet in practice
【微信小程序低代码开发】二,在实操中化解小程序的代码组成
Database objects: view learning records
MySQL table partition creation method
rclone中文文档:常用命令大全
K8S搭建Redis集群
解决kaniko push镜像到harbor时报错(代理导致):unexpected status code 503 Service Unavailable
广发证券开户是安全可靠的么?怎么开广发证券账户
[wechat applet] view container and basic content components
【分类模型】Q 型聚类分析
8 figures | analyze Eureka's first synchronization registry
ESP32 ESP-IDF ADC监测电池电压(带校正)
Problem: officeexception: failed to start and connect (II)
Introduction to spark (one article is enough)
How to use Alibaba vector font files through CDN
产品学习(一)——结构图
Product learning (II) - competitive product analysis