PHP 0817 (PHP, Exploit)
题目描述
I have written another include system for my dynamic webpages, but it seems to be vulnerable to LFI.
Here is the code:
GeSHi`ed PHP code
<?php
if (isset($_GET['which']))
{
$which = $_GET['which'];
switch ($which)
{
case 0:
case 1:
case 2:
require_once $which.'.php';
break;
default:
echo GWF_HTML::error('PHP-0817', 'Hacker NoNoNo!', false);
break;
}
}
?>
Your mission is to include solution.php.
Here is the script in action: News, Forum, Guestbook.
Good Luck!
我已经为我的动态网页编写了另一个包含系统,但它似乎容易受到LFI的攻击。
代码在上面
您的任务是包含solution.php。
以下是实际操作的脚本:News, Forum, Guestbook.
祝好运!
解:
仔细阅读题目要求很明显知道要将solution.php包含进去。
因为代码中有.php后缀,所以这里将solution用$_GET(PHP $_GET)传入which中去即可完成要求。
wechall相关链接:我的wechall之旅??!