[BUUOJ record] [ACTF2020 freshman season] BackupFile, Exec

Both challenges are fairly simple, so they are written up together in one post. This is not a filler post; experts, please go easy on me.

BackupFile

The challenge page shows the hint "Try to find out source file!". Requesting the backup of index.php at /index.php.bak returns the source code (this actually took a few tries: I first guessed archives such as www.zip or bak.zip, and only then thought of a .bak backup file).

<?php
include_once "flag.php";

if(isset($_GET['key'])) {
    $key = $_GET['key'];
    if(!is_numeric($key)) {
        exit("Just num!");
    }
    $key = intval($key);
    $str = "123ffwsfwefwf24r2f32ir23jrw923rskfjwtsw54w3";
    if($key == $str) {
        echo $flag;
    }
}
else {
    echo "Try to find out source file!";
}

The script expects a key parameter passed via GET. key must be a numeric string and must compare equal to 123ffwsfwefwf24r2f32ir23jrw923rskfjwtsw54w3.

This tests PHP's weak typing. An int and a string cannot be compared directly, so when == compares the two, PHP first converts the string to an int. Only the leading digits are kept; everything from the first non-digit character onward is cut off.

So passing a key equal to 123 is enough to satisfy the condition.
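The comparison described above, as an added example that is not part of the original post or the challenge's own code: `loose_check` reproduces the challenge's logic, and `strict_check` is a hypothetical hardened replacement that compares the raw strings with `hash_equals`. The sample inputs are constructed. On PHP 8 and later an int compared with a non-numeric string is compared as strings, so the loose column depends on the PHP version the script runs on.

```php
<?php
// Added example: the challenge's loose check beside a strict replacement.
// $secret is the string from the challenge source; all inputs are constructed.

$secret = "123ffwsfwefwf24r2f32ir23jrw923rskfjwtsw54w3";

// Same logic as the challenge: is_numeric() gate, intval(), then loose ==.
function loose_check(string $input, string $secret): bool
{
    if (!is_numeric($input)) {
        return false;               // the "Just num!" branch
    }
    $key = intval($input);
    // int == string: before PHP 8 the string is cast to int (leading digits
    // only); from PHP 8 the int is cast to string for non-numeric strings.
    return $key == $secret;
}

// Hypothetical hardened form: no type conversion at all, and a
// constant-time comparison of the submitted value against the secret.
function strict_check(string $input, string $secret): bool
{
    return hash_equals($secret, $input);
}

// Constructed inputs: several spellings that intval() maps to 123,
// one that is rejected by is_numeric(), one wrong number, and the
// real secret itself.
$samples = ["123", "123.0", "1.23e2", " 123", "0x7b", "124", $secret];

printf("PHP %s\n", PHP_VERSION);
printf("%-48s %-6s %-6s\n", "input", "loose", "strict");
foreach ($samples as $s) {
    printf(
        "%-48s %-6s %-6s\n",
        var_export($s, true),
        loose_check($s, $secret) ? "PASS" : "fail",
        strict_check($s, $secret) ? "PASS" : "fail"
    );
}
```

The real secret can never pass the loose check because `is_numeric()` rejects it, which is a quick sign that the validation and the comparison disagree about the value's type.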

 

Exec

This one is command execution, so there is not much to say: use & to run multiple commands. Entering 127.0.0.1 & cat /flag returns the flag.

 

 

Origin www.cnblogs.com/yesec/p/12404465.html