首页 > TAG信息列表 > ezeval
WEB_ezeval
打开页面,发现代码 <?php highlight_file(__FILE__); $cmd=$_POST['cmd']; $cmd=htmlspecialchars($cmd); $black_list=array('php','echo','`','preg','server','chr','decode','html�BMZCTF-WEB_ezeval
打开环境 <?php highlight_file(__FILE__); $cmd=$_POST['cmd']; $cmd=htmlspecialchars($cmd); $black_list=array('php','echo','`','preg','server','chr','decode','html',&#BMZCTF WEB_ezeval
WEB_ezeval题目简介:打开后是一段php代码,进行代码审计: <?php highlight_file(__FILE__); $cmd=$_POST['cmd']; $cmd=htmlspecialchars($cmd); $black_list=array('php','echo','`','preg','server',�BMZCTF WEB_ezeval
BMZCTF WEB_ezeval 思路: 绕过str_ireplace,str_ireplace过滤的blacklist 代码审计 $black_list=array('php','echo','`','preg','server','chr','decode','html','md5','post',&