Open Anemone95 opened 5 years ago
http://anemone.top/ctf-2019fireshell%E4%B8%80%E9%81%93%E4%BB%8Exxe%E5%88%B0ssrf%E9%A2%98/
题目: BadInjection, 其他题解请参考白帽100公众号的FireShell CTF 2019 WriteUp. 0x01任意文件下载file参数存在文件下载,顺藤摸瓜依次下载到index.php,Routers.php,Custom.php,Admin.php。 0x02XXE查看Custom.php: 123456789<?phpclass Custom extends Con
http://anemone.top/ctf-2019fireshell%E4%B8%80%E9%81%93%E4%BB%8Exxe%E5%88%B0ssrf%E9%A2%98/
题目: BadInjection, 其他题解请参考白帽100公众号的FireShell CTF 2019 WriteUp. 0x01任意文件下载file参数存在文件下载,顺藤摸瓜依次下载到index.php,Routers.php,Custom.php,Admin.php。 0x02XXE查看Custom.php: 123456789<?phpclass Custom extends Con