前言
先提一个小坑,$_REQUEST = $_POST+$_GET+$_COOKIE
,如果进入页面显示fxck your English letters
,删掉cookie就好了.
源码
查看源代码 <!-- 316E4433782E706870 -->
HEX解码 1nD3x.php
拿到源码
<?php
highlight_file(__FILE__);
error_reporting(0);
$file = "1nD3x.php";
$y1ng = $_GET['y1ng'];
$passwd = $_GET['passwd'];
$arg = '';
$code = '';
if($_SERVER) {
if (
preg_match('/y1ng|zuishuai|flag|YuZhou|Wudi|system|exec|passwd|ass|eval|sort|shell|ob|start|mail|\$|sou|show|cont|high|reverse|flip|rand|scan|chr|local|sess|id|source|arra|head|light|read|inc|info|bin|hex|oct|echo|print|pi|\.|\"|\'|log/i', $_SERVER['QUERY_STRING'])
)
die('fxck your key words!');
}
if (!preg_match('/http/i', $_GET['file'])) {
if (preg_match('/^y1ngzuishuai$/', $_GET['zuishuai']) && $_GET['zuishuai'] !== 'y1ngzuishuai') {
$file = $_GET["file"];
echo "Yes! You know that I zuishuai!<br>";
}
} else die('fxck you! no RFI!!');
if($_REQUEST) {
foreach($_REQUEST as $value) {
if(preg_match('/[a-zA-Z]/i', $value))
die('fxck your English letters');
}
}
if (