ctfshow-web354(SSRF)
2022-07-01 06:56:00 【m0_ sixty-two million ninety-four thousand eight hundred and fo】
```php
<?php
error_reporting(0);
highlight_file(__FILE__);
$url=$_POST['url'];
$x=parse_url($url);
if($x['scheme']==='http'||$x['scheme']==='https'){
    // Blocklist on the raw URL string: "localhost", the digits 1 and 0,
    // and the full-width full stop "。"
    if(!preg_match('/localhost|1|0|。/i', $url)){
        $ch=curl_init($url);
        curl_setopt($ch, CURLOPT_HEADER, 0);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
        $result=curl_exec($ch);
        curl_close($ch);
        echo ($result);
    }
    else{
        die('hacker');
    }
}
else{
    die('hacker');
}
?>
```

Method 1:
sudo.cc resolves to 127.0.0.1
url=http://sudo.cc/flag.php

Method 2:
Change your own domain's A record to 127.0.0.1, then request http://<domain>/flag.php (you can also set up a 302 redirect on your own domain's server).
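Both solutions work because the filter inspects the URL text while curl connects to whatever address the host name resolves to. The hardened fetch below is an added example, not part of the challenge or the original post: it resolves the host, rejects private and reserved addresses, and pins curl to the checked address. The names `is_public_ipv4`, `fetch_checked` and the constructed resolver are assumptions, and the check covers IPv4 only.

```php
<?php
// Added example, not the challenge's code; function names are hypothetical.
// True only for IPv4 addresses outside private and reserved ranges
// (rejects 127.0.0.0/8, 0.0.0.0/8, 10/8, 172.16/12, 192.168/16, 169.254/16).
function is_public_ipv4(string $ip): bool {
    return filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4
        | FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) !== false;
}
// Fetch $url only if every address its host resolves to is public.
// $resolver is injectable so the check can be exercised without real DNS.
function fetch_checked(string $url, ?callable $resolver = null): string {
    $resolver = $resolver ?? 'gethostbynamel';
    $x = parse_url($url);
    $scheme = strtolower($x['scheme'] ?? '');
    if (!isset($x['host']) || !in_array($scheme, ['http', 'https'], true)) {
        throw new InvalidArgumentException('unsupported URL');
    }
    $host = $x['host'];
    $ips = $resolver($host);
    if (!$ips) { throw new RuntimeException('host does not resolve'); }
    foreach ($ips as $ip) {
        if (!is_public_ipv4($ip)) {
            throw new RuntimeException("blocked address $ip for $host");
        }
    }
    $port = $x['port'] ?? ($scheme === 'https' ? 443 : 80);
    $ch = curl_init($url);
    curl_setopt_array($ch, [
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_RESOLVE => ["$host:$port:{$ips[0]}"], // connect only to the checked IP
        CURLOPT_FOLLOWLOCATION => false,               // a 302 would bypass the check
        CURLOPT_PROTOCOLS => CURLPROTO_HTTP | CURLPROTO_HTTPS,
    ]);
    $body = curl_exec($ch);
    curl_close($ch);
    if ($body === false) {
        throw new RuntimeException('fetch failed');
    }
    return $body;
}
// Constructed resolver standing in for DNS: sudo.cc answers with loopback.
$fake = fn(string $h) => ['sudo.cc' => ['127.0.0.1']][$h] ?? false;
try {
    fetch_checked('http://sudo.cc/flag.php', $fake);
} catch (RuntimeException $e) {
    echo $e->getMessage(), "\n";
}
```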
