bugku-web-各种绕过

版权声明：a3uRa QQ：962620891 github：asuralinmo.github.io https://blog.csdn.net/qq_41173457/article/details/82055144

代码审计

?id=%25%36%64%25%36%31%25%37%32%25%36%37%25%36%39%25%36%65&uname[]=2

post 传入 passwd[]=1
id的值是 margin 两次url编码后的结果