Open topics get the code:
<?php show_source(__FILE__); echo $_GET['hello']; $page=$_GET['page']; while (strstr($page, "php://")) { $page=str_replace("php://", "", $page); } include($page); ?>
str case-sensitive function, it is possible to pass a parameter capitalization, Burp capture.
Flag get critical information, continue to pass parameters:
End ------------ ------------ restore content