ctfshow file contains

web78 unprotected read source code <?php if(isset($_GET['file'])){ $file = $_GET['file']; include($file); }else{ highlight_file(__FILE__); } base64 decryption after pseudo protocol reading php://filter/read=convert.base64-encode/resource=flag.php web79 data protocol <?php if(isset($_GET['file'])){ $file = $_GET[ ...

Posted on Sun, 19 Sep 2021 08:23:04 -0400 by Renlok

Xhprof is used in Docker to analyze code performance

introduce XHProf Is a layered PHP performance analysis tool. It reports the number of requests at the function level and various metrics, including blocking time, CPU time, and memory usage. The cost of a function can be subdivided into the cost of caller and callee. XHProf data collection stage, which records the tracking of call times and in ...

Posted on Sat, 18 Sep 2021 09:56:25 -0400 by jsantama

Analysis of force deduction problem - sum of two numbers

Analysis of force buckle problem 1. Sum of two numbers https://leetcode-cn.com/problems/two-sum/ Given an integer array nums and a target value target, please find the two integers with and as the target value in the array and return their array subscripts. You can assume that each input will correspond to only one answer. However, the same ...

Posted on Thu, 16 Sep 2021 22:23:19 -0400 by matto

PHP serialization and deserialization

PHP deserialization Principle: the serialization string entered by the user is not detected, so that the attacker can control the deserialization process, resulting in code failure Execution, SQL injection, directory traversal and other uncontrollable consequences. Some magic methods are automatically triggered during deserialization. W ...

Posted on Wed, 15 Sep 2021 16:31:05 -0400 by nysmenu

php command mode implementation

php command mode implementation summary Command pattern: encapsulate a request as an object, so that we can parameterize the customer with different requests; Queue requests or record request logs, and support revocable operations. Command mode is an object behavior mode, which is also called action mode or transaction mode. Take the motorcy ...

Posted on Mon, 13 Sep 2021 16:33:35 -0400 by bawla

Implementation of php responsibility chain model

php responsibility chain model summary Definition of Chain of Responsibility mode: in order to avoid coupling the request sender with multiple request handlers, all request handlers are connected into a chain by remembering the reference of the next object through the previous object; When a request occurs, it can be passed along the chain un ...

Posted on Sun, 12 Sep 2021 23:21:54 -0400 by I WanT To Code PHP

Utilization of phar protocol and gopher protocol in SSRF

When learning about SSRF vulnerabilities, we often only focus on the file protocol, because the utilization method is simple. In fact, with the improvement of php version and the specification of programming technology, fewer and fewer vulnerabilities can be directly exploited, so it is necessary to learn to use phar and gopher protocols. phar ...

Posted on Tue, 07 Sep 2021 19:43:59 -0400 by - - NC - -

Linux Enterprise Operation and maintenance - nginx+php

1.PHP source code compilation (1)php Download Can be in http://www.php.net/ ##Download from the official website Here I go directly to the host to get the software package and unzip it tar jxf php-7.4.12.tar.bz2 If the decompression fails, install bzip2 (2) Software compilation . / configure configuration make compilation make ...

Posted on Sun, 05 Sep 2021 13:46:45 -0400 by grissom

Detailed explanation of "PHP" phar file_ Phar file format_ Call phar class method to generate phar file

Introduction to phar Phar, the full name is PHP Archive. The phar extension provides a way to put the entire PHP application into a. Phar file for easy movement and installation The biggest feature of phar file is a convenient way to combine several files into one file. Phar file provides a method to distribute and run complete PHP programs in ...

Posted on Sun, 05 Sep 2021 02:00:09 -0400 by mingmangat

vue property binding and interaction

vue directive binding properties vue binds attributes by directive v-bind, src/width/height/title, such as v-bind:src='''can be abbreviated as: src=''', the same v-Bind:widthWait a moment, abbreviated as width,:height <script src="https://unpkg.com/vue/dist/vue.js"></script> <body> <div id="box"> <img v-bind:sr ...

Posted on Mon, 20 Jul 2020 12:11:32 -0400 by suaji