web104笔记(sha1函数特性) 

<?php

/*
# -*- coding: utf-8 -*-
# @Author: atao
# @Date:   2020-09-16 11:25:09
# @Last Modified by:   h1xa
# @Last Modified time: 2020-09-28 22:27:20

*/


highlight_file(__FILE__);
include("flag.php");

if(isset($_POST['v1']) && isset($_GET['v2'])){
    $v1 = $_POST['v1'];
    $v2 = $_GET['v2'];
    if(sha1($v1)==sha1($v2)){
        echo $flag;
    }
}



?>

倒是变得简单了,考的sha1函数特性,sha1()函数无法处理数组类型,会返回NULL,if条件就成立了,所以payload为

GET:?v2[]=

POST: v1[]=

 







            

            
posted @ 
2025-03-25 11:31 
justdoIT* 
阅读(7) 
评论(0) 
 
收藏 
举报