WeChall_PHP 0817 (PHP, Exploit)
I have written another include system for my dynamic webpages, but it seems to be vulnerable to LFI.
Here is the code:
GeSHi`ed PHP code
1 2 3 4 56 7 8 9 1011 12 13 14 1516 17 |
<?php if (isset($_GET['which'])) { $which = $_GET['which']; switch ($which) { case 0: case 1: case 2: require_once $which.'.php'; break; default: echo GWF_HTML::error('PHP-0817', 'Hacker NoNoNo!', false); break; }} ?> |
Your mission is to include solution.php.
Here is the script in action: News, Forum, Guestbook.
Good Luck!
解题:
最近看了看PHP语法和web相关的知识,这道题要在网页提交前拦截,并把which数值改为solution,然后提交即可。
