BugkuCTF Contradictions

Foreword

After working on the web challenges for so long, I consider the basic part of them finished. Over the next few days I will continue to update the solutions for the BugkuCTF WEB section. So as not to affect reading, the solution to each challenge is published as a separate article. Thank you for your continued support, understanding, and encouragement~~~

Click the link. This is another code-auditing challenge, so let's take a look together:

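$num = $_GET['num'];
// Enter the branch only when num is NOT a number or numeric string
if (!is_numeric($num))
{
    echo $num;
    // Loose comparison: the string is converted before being compared with 1
    if ($num == 1)
        echo 'flag{**********}';
}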

The code reads a parameter num and passes it to the function is_numeric. This function checks whether a variable is a number or a numeric string: it returns TRUE if it is, and FALSE otherwise.

The condition means that the num parameter we pass in must not be a number or numeric string, yet must still be equal to 1. At this point, we naturally think of scientific notation.

So all we need to pass in is: ?num=1e

The flag is printed directly.
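The check above, run next to a strict variant over constructed inputs. This is an added example, not the challenge's own code; `challenge_check` and `strict_check` are names introduced here. The result for `1e` depends on the PHP version, as the closing comment explains.

```php
<?php
// Added example, not the challenge's own code. Inputs below are constructed.

// The page's logic as a function: true means the flag branch is reached.
function challenge_check(string $num): bool
{
    // Validation (is_numeric) and comparison (==) use different rules for
    // "what counts as a number"; the gap between them is the bug.
    return !is_numeric($num) && $num == 1;
}

// Hypothetical strict variant: accept only decimal digits, then compare by
// value and type so no string-to-number juggling takes place.
function strict_check(string $num): bool
{
    return ctype_digit($num) && (int)$num === 1;
}

// Constructed sample inputs, including the page's payload "1e".
$samples = ['1', '1e', '1abc', '1e0', ' 1', '1 ', 'abc'];

printf("PHP %s\n%-8s %-11s %-10s %-7s\n", PHP_VERSION, 'input', 'is_numeric', 'challenge', 'strict');
foreach ($samples as $s) {
    printf(
        "%-8s %-11s %-10s %-7s\n",
        var_export($s, true),
        var_export(is_numeric($s), true),
        var_export(challenge_check($s), true),
        var_export(strict_check($s), true)
    );
}
// PHP 7 and earlier cast a leading-numeric string such as "1e" to 1 for ==,
// so challenge_check('1e') passes there. PHP 8 compares a non-numeric string
// with an integer as strings, so the same input no longer matches.
```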

 

 
