当前位置:网站首页>I spring web upload
I spring web upload
2022-07-05 15:10:00 【Golden silk】
According to the prompt , Visit directly first flag.php file
Looking at the source code, I didn't find anything , So it can only be accessed through file upload flag.php file
Upload the file
Click on the uploaded file , Find out <? and php Filtered , You can't use it directly
hold php Switch to PHP Continue to upload , Find out PHP Not filtered out ,
So it can be used strtolower Function Dodge php The filter , Change species PHP How to write the code
There is the following code
Upload again , Open the uploaded file and find flag
Try another method , In one sentence
Upload files
Open the Chinese ant sword , Right mouse button , Add data , Copy file location URL, Input password abc
Click Add
Then go in and check, and you'll find flag La
边栏推荐
- CPU设计实战-第四章实践任务二用阻塞技术解决相关引发的冲突
- Un week - end heureux
- No one consults when doing research and does not communicate with students. UNC assistant professor has a two-year history of teaching struggle
- MySQL之CRUD
- Where is the operation of convertible bond renewal? Is it safer and more reliable to open an account
- IPv6与IPv4的区别 网信办等三部推进IPv6规模部署
- The difference between abstract classes and interfaces in PHP (PHP interview theory question)
- 当代人的水焦虑:好水究竟在哪里?
- Long list optimized virtual scrolling
- 危机重重下的企业发展,数字化转型到底是不是企业未来救星
猜你喜欢
Mongdb learning notes
Creation and use of thymeleaf template
DVWA range clearance tutorial
MySQL之CRUD
基于TI DRV10970驱动直流无刷电机
华为哈勃化身硬科技IPO收割机
Visual task scheduling & drag and drop | scalph data integration based on Apache seatunnel
Ecotone technology has passed ISO27001 and iso21434 safety management system certification
Database learning - Database Security
Detailed explanation of QT creator breakpoint debugger
随机推荐
729. My schedule I: "simulation" & "line segment tree (dynamic open point) &" block + bit operation (bucket Division) "
R 熵权法计算权重及综合得分
Au - delà du PARM! La maîtrise de l'Université de Pékin propose diverse pour actualiser complètement le classement du raisonnement du NLP
Talk about your understanding of microservices (PHP interview theory question)
go学习 ------jwt的相关知识
【华为机试真题详解】字符统计及重排
Dark horse programmer - software testing -10 stage 2-linux and database -44-57 why learn database, description of database classification relational database, description of Navicat operation data, de
Under the crisis of enterprise development, is digital transformation the future savior of enterprises
Ten billion massage machine blue ocean, difficult to be a giant
Long list optimized virtual scrolling
Talking about how dataset and dataloader call when loading data__ getitem__ () function
Select sort and bubble sort
[C question set] of Ⅷ
Fr exercise topic - simple question
Crud de MySQL
Ctfshow web entry command execution
CODING DevSecOps 助力金融企业跑出数字加速度
CPU设计相关笔记
一键更改多个文件名字
CPU design practice - Chapter 4 practical task 2 using blocking technology to solve conflicts caused by related problems