
萌新web1

Author: Internet

 

This challenge is about bypassing an input check.

The comment below reminds us that the real id is 1000, so we need to bypass the intval() function.

 

To make the SQL query succeed, we can use the hex string '0x3e8' to bypass the constraint.

intval() returns 0 when this value is submitted via the GET method.

 

Note that the parameter $_GET['id'] is a string. If it were not, the result would differ: for example, intval(0x3e8) returns the integer 1000, because the '0x' prefix causes the hex value to be decoded to decimal.
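
An added example, not code from the original post or from the challenge: it assumes the check compares intval($_GET['id']) against a limit while the query interpolates the raw string, and puts a stricter validation beside it. The table name `article`, the limit of 999 and all function names are hypothetical.

```php
<?php
// Added illustration, not the challenge's source. The table name `article`,
// the 999 limit and all function names are assumptions.

// Weak pattern: the guard checks intval($raw) but the query uses $raw itself.
function weak_build_query(string $raw): ?string
{
    if (intval($raw) > 999) {   // base-10 parse of "0x3e8" stops at the "x"
        return null;
    }
    // The database reads 0x3e8 as a hex literal, so the guard and the
    // database disagree about which id was requested.
    return "SELECT * FROM article WHERE id = $raw LIMIT 1";
}

// Hardened: accept only a plain decimal integer in range, then hand that
// integer (never the raw string) to the query as a bound parameter.
function strict_id(string $raw, int $max = 999): ?int
{
    $id = filter_var($raw, FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 0, 'max_range' => $max]]);
    return $id === false ? null : $id;
}

function safe_build_query(string $raw): ?array
{
    $id = strict_id($raw);
    return $id === null
        ? null
        : ['SELECT * FROM article WHERE id = ? LIMIT 1', [$id]];
}

// Constructed sample inputs: in range, out of range, hex string, trailing junk.
foreach (['5', '1000', '0x3e8', '5abc'] as $raw) {
    printf("%-8s weak: %s\n         safe: %s\n",
        var_export($raw, true),
        var_export(weak_build_query($raw), true),
        json_encode(safe_build_query($raw)));
}
```

The strict version rejects both '0x3e8' and '5abc' because FILTER_VALIDATE_INT, without FILTER_FLAG_ALLOW_HEX, accepts only a complete decimal integer.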

 

Source: https://www.cnblogs.com/4fun/p/15087470.html