强网杯2019 Upload目录扫描发现源码泄露 www.tar.gz 直接看文件上传部分的关键代码 123456789101112131415161718192021222324252627public function upload_img(){ if($this->checker){ if(!$this->checker->login

[HarekazeCTF2019]Avatar Uploader 1原题中是给出源码的 主要看upload.php 1234567891011121314151617181920212223242526272829303132333435363738394041424344<?phperror_reporting(0);require_once('config.php')

[SHCTF 2023] week2 web ez_rce题目源码(附件)如下： 123456789101112131415161718192021222324252627282930313233343536373839404142434445from flask import *import subprocessapp = Flask(__name__)def gett(obj,arg):

[MRCTF2020]套娃先看页面源代码，发现有代码注释： 12345678$query = $_SERVER['QUERY_STRING']; if( substr_count($query, '_') !== 0 || substr_count($query, '%5f') != 0 ){ die('Y0u

[FBCTF2019]RCEService这题是有源码的（别管怎么来的了，我看的十几篇wp都没说清楚）： 123456789101112131415161718192021222324<?phpputenv('PATH=/home/rceservice/jail');if (isset($_REQUEST['cmd'])) { $jso

[FlareOn4]login直接看JS 1234567891011document.getElementById("prompt").onclick = function () {var flag = document.getElementById("flag").value;var rotFlag = flag.replace(/[a-zA-Z

[极客大挑战 2019]RCE ME分析1234567891011121314151617 <?phperror_reporting(0);if(isset($_GET['code'])){ $code=$_GET['code']; if(strlen($code)>40)&#

easy_serializepayload先上payload: 1http://124.220.165.133:9906/?a=O:5:"Hello":2:{s:6:"source";N;s:3:"str";O:4:"Show":2:{s:6:"source";N;s:3:&qu

rce2 (无字母数字绕过)

新年快乐