BUUCTF2018-OnlineTool

Last updated: the evening of January 22, 2022

Not in a great mood today, so let's do a CTF challenge.

<?php

if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
    $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_X_FORWARDED_FOR'];
} # This lets the server pick up the client IP; not much use here

if(!isset($_GET['host'])) {
    highlight_file(__FILE__); # If the host parameter is not set, show us the source code
} else {
    $host = $_GET['host'];
    $host = escapeshellarg($host);
    $host = escapeshellcmd($host);
    $sandbox = md5("glzjin". $_SERVER['REMOTE_ADDR']);
    echo 'you are in sandbox '.$sandbox;
    @mkdir($sandbox);
    chdir($sandbox);
    echo system("nmap -T5 -sT -Pn --host-timeout 2 -F ".$host);
}

With the code in hand, I annotated it first. Below are the two functions I just learned about.

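For comparison with the handler above, a hardened way to build the same nmap command line, as an added example that is not part of the original challenge or post: the host is checked against an allowlist pattern and then quoted exactly once with escapeshellarg(), which the PHP manual recommends for a single argument, while escapeshellcmd() is meant for whole command strings. The names `HOST_PATTERN`, `validate_host` and `build_scan_command` and the sample inputs are assumptions made for this sketch.

```php
<?php
// Added example, not the challenge's code. Function names are assumptions.

// Accept only a DNS name or dotted IPv4 address: labels of letters, digits
// and inner hyphens, separated by dots, at most 253 characters in total.
// The D modifier stops "$" from matching before a trailing newline.
const HOST_PATTERN = '/^(?=.{1,253}$)[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?'
    . '(?:\.[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*$/D';

function validate_host(string $host): ?string
{
    return preg_match(HOST_PATTERN, $host) === 1 ? $host : null;
}

// Build the same nmap command line as the page, quoting the host exactly once.
function build_scan_command(string $host): ?string
{
    $valid = validate_host($host);
    if ($valid === null) {
        return null; // reject instead of trying to escape unexpected input
    }
    return 'nmap -T5 -sT -Pn --host-timeout 2 -F ' . escapeshellarg($valid);
}

// Constructed sample inputs; the command is printed, not executed.
foreach (['scanme.example', '192.0.2.10', '-leading.example', 'two words'] as $input) {
    $cmd = build_scan_command($input);
    printf("%-18s => %s\n", $input, $cmd ?? 'rejected');
}
```

Because every label must start with a letter or digit, a value can never be read by nmap as an option, and anything outside the pattern is rejected before a shell is involved.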