WEB部分 【nani】 啥也没有,看源代码发现一句话/index.php?file=show.php。 访问show.php得到user.php,因为是file参数考虑是否有LFI。 ?file=php://filter/read=convert.base64-encode/resource=user.php得到user.php的源码: warn); } function __wakeup(…
Quote saved.
Login to quote this blog
Failed to save quote. Please try again later.
You cannot quote because this article is private.