题目内容如下:

 1 <?php
 2 error_reporting(0);
 3 class come{    
 4     private $method;
 5     private $args;
 6     function __construct($method, $args) {
 7         $this->method = $method;
 8         $this->args = $args;
 9     }
10     function __wakeup(){
11         foreach($this->args as $k => $v) {
12             $this->args[$k] = $this->waf(trim($v));
13         }
14     }
15     function waf($str){
16         $str=preg_replace("/[<>*;|?\n ]/","",$str);
17         $str=str_replace('flag','',$str);
18         return $str;
19     }           
20     function echos($host){
21         system("echos $host".$host);
22     }
23     function __destruct(){
24         if (in_array($this->method, array("echos"))) {
25             call_user_func_array(array($this, $this->method), $this->args);
26         }
27     } 
28 
29 }
30 
31 $first='hi';
32 $var='var';
33 $bbb='bbb';
34 $ccc='ccc';
35 $i=1;
36 foreach($_GET as $key => $value) {
37         if($i===1)
38         {
39             $i++;   
40             $$key = $value;
41         }
42         else{break;}
43 }
44 if($first==="doller")
45 {
46     @parse_str($_GET['a']);
47     if($var==="give")
48     {
49         if($bbb==="me")
50         {
51             if($ccc==="flag")
52             {
53                 echo "<br>welcome!<br>";
54                 $come=@$_POST['come'];
55                 unserialize($come); 
56             }
57         }
58         else
59         {echo "<br>think about it<br>";}
60     }
61     else
62     {
63         echo "NO";
64     }
65 }
66 else
67 {
68     echo "Can you hack me?<br>";
69 }
70 ?>
View Code

分类:

技术点:

相关文章: