攻防世界-file_include(江苏工匠杯) 题目 描述:怎么读取文件呢? <?phphighlight_file(__FILE__);include("./check.php");if(isset($_GET['filename'])){$filename=$_GET['filename'];include($filename);}?> 尝试伪协议读取 php://filter/read/convert.base64-encode/resource=check.php 出现提示,...
[攻防世界][江苏工匠杯]file_include 打开靶机url,上来就是代码审计 <?phphighlight_file(__FILE__);include("./check.php");if(isset($_GET['filename'])){$filename=$_GET['filename'];include($filename); }?> 这里有个include filename,题干幼教文件包含,直接运用文件包含的payload试一下,比如:...