2021 DASCTF July X CBCTF 4th/web/cat flag
题目源码:
<?php
if (isset($_GET['cmd'])) {
$cmd = $_GET['cmd'];
if (!preg_match('/flag/i',$cmd))
{
$cmd = escapeshellarg($cmd);
system('cat ' . $cmd);
}
} else {
highlight_file(__FILE__);
}
?>
知识点:
1.绕过正则
2.escap
原创
2021-08-16 12:25:35 ·
374 阅读 ·
0 评论