梧席
ACTF2020新生赛Upload1
Q7nl1s admin
  2022-01-18 19:35:16 2022-01-18 19:35   2023-09-20 10:13:25      65 Words  32

[ACTF2020 新生赛]Upload1

进入靶机找到文件上传点

1

直接上传个php一句话代码文件测试,发现对文件后缀有检查

2

抓包后修改.php,发现仍然有检查

3

再尝试phtml

4

5

根目录下拿到flag

6

tooltip-img-1-1744053758649
Show Your Support~~~
 Comments
Comment plugin failed to load
No comment yet.
Powered By Valine
v1.5.2
  1. [ACTF2020 新生赛]Upload1
© 2020 - 2024    Q7nl1s
Powered by Hexo & Theme Keep v4.0.5
Unique Visitor 18141 Page View 21501
  1. [ACTF2020 新生赛]Upload1