Introduction to rce in attack and defense world

Shooting range problem php_rce It has been shown that , This is the question rce（ Remote instruction / Code Execution Vulnerability ）

Open the range , See only this promotion page , Promote a framework and specifically specify the version . I guess the version of this framework may have public vulnerabilities . So I went to Baidu ThinkphpPHP V5

After searching online, I found that this version framework really exists rce Loophole .

Click into a blog address casually ：https://www.cnblogs.com/backlion/p/10106676.html

See the vulnerability affecting the version 、 Vulnerability analysis and utilization are introduced

Refer directly to the code constructed here

  Use instruction ls List the current catalog file

  use cat After checking these files one by one , Didn't get flag, Guess it should be put in other directories ...... So I thought of using ../ Step up . Last ../../../ When backing up the third level directory, I found flag, This is actually in the root directory ...

  And then use cat Command to view the file , Get flag.

Later I went to check , View root file , direct ls / This command will do , And use it directly cat /flag Just go , Or right linux The instructions are unfamiliar .. Ah ~~