19743ksdfr @ 2024-03-07 23:21:53 👍0
查看流量发现有post upload.php,判断为文件上传漏洞,k为校验参数,c为执行命令,将php代码反向解密,gzuncompress(base64_decode($result)),可看到命令c的执行结果,最后一个为 cat /flag.txt,base64加密后为eJxLy0lMrw6NTzPMS4n3TVWsBQAz4wXi,解压缩为flag{U_f1nd_Me!}
868954104 @ 2024-01-07 23:21:53 👍0
flag{U_f1nd_Me!}
xiaofeizhu @ 2023-11-07 23:21:53 👍0
>>> file2 = "eJxLy0lMrw6NTzPMS4n3TVWsBQAz4wXi"; >>> a = base64.b64decode(file2) >>> b = zlib.decompress(a) >>> print(b) flag{U_f1nd_Me!}
西风 @ 2023-09-07 23:21:53 👍0
反向执行,先解码再解压缩 php -r 'echo gzuncompress(base64_decode(双引号eJxLy0lMrw6NTzPMS4n3TVWsBQAz4wXi双引号;));'
sseeaa @ 2023-08-07 23:21:53 👍0
标准签到题,其他的不会,签个到先
查看流量发现有c=cat /flag.txt,回包是eJxLy0lMrw6NTzPMS4n3TVWsBQAz4wXi,需要base64解码+解压缩得到flag. import base64, zlib flag = 'eJxLy0lMrw6NTzPMS4n3TVWsBQAz4wXi' a=zlib.decompress(base64.b64decode(flag)) print(a)