Command Execution Practice
Command Execution
The source code of web29 is as follows:
    <?php

    /*
    # -*- coding: utf-8 -*-
    # @Author: h1xa
    # @Date: 2020-09-04 00:12:34
    # @Last Modified by: h1xa
    # @Last Modified time: 2020-09-04 00:26:48
    # @email: h1xa@ctfer.com
    # @link: https://ctfer.com
    */

    error_reporting(0);
    if(isset($_GET['c'])){
        $c = $_GET['c'];
        if(!preg_match("/flag/i", $c)){
            eval($c);
        }
    }else{
        highlight_file(__FILE__);
    }
The string flag is filtered, so a wildcard is enough: ?c=system( ...
PHP Features Practice
PHP Features
The source code of WEB89 is as follows:
    <?php

    /*
    # -*- coding: utf-8 -*-
    # @Author: h1xa
    # @Date: 2020-09-16 11:25:09
    # @Last Modified by: h1xa
    # @Last Modified time: 2020-09-18 15:38:51
    # @email: h1xa@ctfer.com
    # @link: https://ctfer.com
    */

    include("flag.php");
    highlight_file(__FILE__);

    if(isset($_GET['num'])){
        $num = $_GET['num'];
        if(preg_match("/[0-9]/", $num)){
            die("no no no!");
        }
        if(intval($num)) ...
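Where Did A Dai Go
Web challenge notes: ctfshow, The Story of A Dai, Season 1: A Programmer's Journey from Getting Started to Dropping the Database and Running Away
Web1 "The code is very secure, there are no vulnerabilities"
After opening the container, the code is as follows: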
    <html>
    <head>
        <title>ctf.show萌新计划web1</title>
        <meta charset="utf-8">
    </head>
    <body>
    <?php
        # Include the database connection file
        include("config.php");
        # Check whether the GET parameter id is present
        if(isset($_GET['id'])){
            $id = $_GET['id'];
            # Check whether the value of id is greater than 999
            if(intval ...