实验吧做题笔记
Buuoj Writeups(一)
Buuoj Writeups(一)
Buuoj Writeups(零)

Buuoj Writeups(零)

web

bestphp’s revenge

index.php源码

1
2
3
4
5
6
7
8
9
10
11
12
<?php
highlight_file(__FILE__);
$b = 'implode';
call_user_func($_GET['f'], $_POST);
session_start();
if (isset($_GET['name'])) {
$_SESSION['name'] = $_GET['name'];
}
var_dump($_SESSION);
$a = array(reset($_SESSION), 'welcome_to_the_lctf2018');
call_user_func($b, $a);
?> array(0) { }

flag.php源码

Buuoj Writeups(零)

Buuoj Writeups(零)

web

{: id=”20200922184614-d2hiugo”}

bestphp’s revenge

{: id=”20200922184614-98r3x8w”}

index.php源码
{: id=”20200922184614-q1vil8x”}

1
2
3
4
5
6
7
8
9
10
11
12
<?php
highlight_file(__FILE__);
$b = 'implode';
call_user_func($_GET['f'], $_POST);
session_start();
if (isset($_GET['name'])) {
$_SESSION['name'] = $_GET['name'];
}
var_dump($_SESSION);
$a = array(reset($_SESSION), 'welcome_to_the_lctf2018');
call_user_func($b, $a);
?> array(0) { }

{: id=”20200922184614-4cc2v87”}

flag.php源码
{: id=”20200922184614-hbrryie”}


:D 一言句子获取中...