Php:filter pseudo protocol [bsidescf 2020]had a bad day

Knowledge point ：

php:filter//read=convert.base64-encode/resource= file name ;

  If you write casually after the parameter, you will find that some files contain errors ：

He has .php Suffix added , It means that the execution is parametric PHP file , Then it is likely to be flag;

Change directly flag try ：
 

Only these two parameters are supported ; But as long as it contains woofers The string of will be another syntax error , After guessing the interview, there is a string matching function ; Parameters are file classes

Just thought of using php://filter Fake protocol ：

It must contain those two characters ： Just use php Pseudo protocol nesting ：
therefore ：
?category=php://filter/read=convert.base64-encode/woofers/resource=flag

  Decrypt it flag;

It's fine too index Get the source code ;