-Extract variable code audit coverage

Others 2019-08-25 20:17:03 views: null 
<?php
$flag='xxx';
extract($_GET);
if(isset($shiyan))
{
$content=trim(file_get_contents($flag));
if($shiyan==$content)
{
echo'flag{xxx}';
}
else
{
echo'Oh.no';
}
}
?>

file_get_contents () function to read the entire file into a string.

extract () function is introduced into the current array variable in the symbol table.

 

The flag is probably variable and variable unanimously flag shiyan

The contents is empty, flag and shiyan variable is empty, the condition

http://123.206.87.240:9009/1.php?shiyan=&flag=

 

flag{bugku-dmsj-p2sm3N}

Guess you like

Origin www.cnblogs.com/gaonuoqi/p/11408456.html
Recommended
Ranking
[Algorithm] greedy _ program scheduling issues
Spring 控制反转(IOC)
Data structure-6.6 figure
Indicates that the class or member method has abstract properties
Huawei v5 server installed Linux operating system
Postgresql source code analysis - creating ordinary tables
Chapter 10 Evaluation Classification Results
Cloud service Ubuntu 20.04 version uses Nginx to deploy static web pages
Java Exercise 17.1
Solve the problem that git cannot automatically push submission in IDEA Push failed: Failed with error: Could not read from remote repository.
Daily
More
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)
2024-05-03(8)
2024-05-02(0)
2024-05-01(4)
2024-04-30(36)

Code World

© 2018 codetd.com