当前位置:网站首页>I spring web upload
I spring web upload
2022-07-05 15:10:00 【Golden silk】
According to the prompt , Visit directly first flag.php file
Looking at the source code, I didn't find anything , So it can only be accessed through file upload flag.php file
Upload the file
Click on the uploaded file , Find out <? and php Filtered , You can't use it directly
hold php Switch to PHP Continue to upload , Find out PHP Not filtered out ,
So it can be used strtolower Function Dodge php The filter , Change species PHP How to write the code
There is the following code
Upload again , Open the uploaded file and find flag
Try another method , In one sentence
Upload files
Open the Chinese ant sword , Right mouse button , Add data , Copy file location URL, Input password abc
Click Add
Then go in and check, and you'll find flag La
边栏推荐
- 爱可可AI前沿推介(7.5)
- I want to inquire about how to ensure data consistency when a MySQL transaction updates multiple tables?
- 手写promise与async await
- Can gbase 8A view the location of SQL statement history?
- Creation and use of thymeleaf template
- 12 MySQL interview questions that you must chew through to enter Alibaba
- maxcompute有没有能查询 表当前存储容量的大小(kb) 的sql?
- GPS original coordinates to Baidu map coordinates (pure C code)
- Live broadcast preview | how to implement Devops with automatic tools (welfare at the end of the article)
- 美团优选管理层变动:老将刘薇调岗,前阿里高管加盟
猜你喜欢
Fr exercise topic --- comprehensive question
"Sequelae" of the withdrawal of community group purchase from the city
Ten billion massage machine blue ocean, difficult to be a giant
How to paste the contents copied by the computer into mobaxterm? How to copy and paste
Redis' transaction mechanism
面试突击62:group by 有哪些注意事项?
Bugku telnet
![P1451 calculate the number of cells / 1329: [example 8.2] cells](/img/c4/c62f3464608dbd6cf776c2cd7f07f3.png)
P1451 calculate the number of cells / 1329: [example 8.2] cells
Microframe technology won the "cloud tripod Award" at the global Cloud Computing Conference!
Mongdb learning notes
随机推荐
Dark horse programmer - software testing -10 stage 2-linux and database -44-57 why learn database, description of database classification relational database, description of Navicat operation data, de
想问下大家伙,有无是从腾讯云MYSQL同步到其他地方的呀?腾讯云MySQL存到COS上的binlog
How to solve the problem of garbled code when installing dependency through NPM or yarn
Huiyuan, 30, is going to have a new owner
What are CSRF, XSS, SQL injection, DDoS attack and timing attack respectively and how to prevent them (PHP interview theory question)
Thymeleaf uses background custom tool classes to process text
一键更改多个文件名字
I want to inquire about how to ensure data consistency when a MySQL transaction updates multiple tables?
[recruitment position] Software Engineer (full stack) - public safety direction
Visual task scheduling & drag and drop | scalph data integration based on Apache seatunnel
数据库学习——数据库安全性
Common redis data types and application scenarios
Change multiple file names with one click
MongDB学习笔记
Ten billion massage machine blue ocean, difficult to be a giant
超越PaLM!北大碩士提出DiVeRSe,全面刷新NLP推理排行榜
爱可可AI前沿推介(7.5)
PHP high concurrency and large traffic solution (PHP interview theory question)
The difference between abstract classes and interfaces in PHP (PHP interview theory question)
裁员下的上海