梧席
Flask_FileUpload
Q7nl1s admin
  2022-01-16 15:50:46 2022-01-16 15:50   2023-09-20 18:14:49      160 Words  

Flask_FileUpload

进入靶场

Flask_FileUpload1

<1>进入Flask_FileUpload环境 ,查看网页源代码

Flask_FileUpload3

出现
— Give me the file, and I will return the Running results by python to you!(显示将要返回以python运行的结果给你,意思让你在文件中写入一个python代码,然后拿到它的flag)

– accept=”.jpg,.png” 表示上传只能接受以 jpg // png格式为后缀名的文件

<2>在图片马中写入以下代码(注意文件名一定不能是中文,不然会报错)

1
2
import os
os.sysytem('cat/flag')

<3>上传建立的图片马,F12打开开发者模式,拿到flag

Flask_FileUpload2

 Comments
Comment plugin failed to load
Loading comment plugin
  1. Flask_FileUpload
© 2020 - 2024    Q7nl1s
Powered by Hexo & Theme Keep
Unique Visitor Page View
  1. Flask_FileUpload