BUUCTF2018-OnlineTool

本文最后更新于:2024年4月6日 下午

​ 今日心情不佳,整道ctf题

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
<?php

if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
    $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_X_FORWARDED_FOR'];
} #这里是让服务器获取ip的,没啥用

if(!isset($_GET['host'])) {
    highlight_file(__FILE__); #如果没有设定host参数,就给咱看代码
} else {
    $host = $_GET['host'];
    $host = escapeshellarg($host);
    $host = escapeshellcmd($host);
    $sandbox = md5("glzjin". $_SERVER['REMOTE_ADDR']);
    echo 'you are in sandbox '.$sandbox;
    @mkdir($sandbox);
    chdir($sandbox);
    echo system("nmap -T5 -sT -Pn --host-timeout 2 -F ".$host);
}

拿到代码先注释一下,下面放一下新学到的这俩函数吧

image-20220113202604510

image-20220113202702600

image-20220113203050688