BUUCTF2018-OnlineTool
本文最后更新于:2024年4月6日 下午
今日心情不佳,整道ctf题
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18
| <?php
if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) { $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_X_FORWARDED_FOR']; }
if(!isset($_GET['host'])) { highlight_file(__FILE__); } else { $host = $_GET['host']; $host = escapeshellarg($host); $host = escapeshellcmd($host); $sandbox = md5("glzjin". $_SERVER['REMOTE_ADDR']); echo 'you are in sandbox '.$sandbox; @mkdir($sandbox); chdir($sandbox); echo system("nmap -T5 -sT -Pn --host-timeout 2 -F ".$host); }
|
拿到代码先注释一下,下面放一下新学到的这俩函数吧