robots.txt 提示 /src/code/code.txt
打开后显示源码:
<?phpif (isset ($_GET['password'])) {if (preg_match ("/^[a-zA-Z0-9]+$/", $_GET['password']) === FALSE){echo '<p>You password must be alphanumeric</p>';}else if (strlen($_GET['password']) < 8 && $_GET['password'] > 9999999){if (strpos ($_GET['password'], '*-*') !== FALSE){die('Flag: ' . $flag);}else{echo('<p>*-* have not been found</p>');}}else{echo '<p>Invalid password</p>';}}?>
看见数字比大小直接科学计数法绕过
若有收获,就点个赞吧
0 人点赞
