PHP code analysis
Could an expert help me analyze this code? How do I read the file?
<?php
/**
maybe you need get the contents in hint.php!
Ohhhhh you don't know how to get it?
Why don't you try readfile?
**/
error_reporting(0);
show_source(__FILE__);
Class Hello{
    public $filename;
    public $contents;
    public function __construct(){
        $this->filename = "hint.php";
        $this->contents = "you guess";
    }
    public function fileread(){
        echo "keep going";
    }
}
$a = $_GET["a"];
$b = $_GET["b"];
$c = $_GET["c"];
$d = $_GET["d"];
$e = $_GET["e"];
$f = $_GET["f"];
$g = $_GET["g"];
$class = new $a($b);
$str1 = substr($class->$c(),$d,$e);
$str2 = substr($class->$c(),$f,$g);
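$str1($str2);

The show_source function plays a key role.

院主 posted on 2021-12-20 16:01:
The show_source function plays a key role.
How exactly should it be constructed? I need to read the contents of hint.php.

I don't know, I'm not familiar with PHP yet.

$d, $e, $f, $g are all numbers.
The main thing is to work out what $a($b) actually defines.

You posted in the wrong board.
Please post in the "Programming Language Discussion and Help" board: https://www.52pojie.cn/forum-74-1.html
or the "Bounty Q&A" board: https://www.52pojie.cn/forum-8-1.html

This post was last edited by 冰茶荼 on 2021-12-20 17:10
$a=ReflectionClass; OP, give it a try.
Whatever you do, don't delete the comment.
The comment is the distinctive feature of this challenge.
Without the comment you can't get it.

This post was last edited by 冰茶荼 on 2021-12-20 17:33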
<?php
/**
maybe you need get the contents in hint.php!
Ohhhhh you don't know how to get it?
Why don't you try readfile?
**/
// error_reporting(0);
show_source(__FILE__);
Class Hello{
    public $filename;
    public $contents;
    public function __construct(){
        $this->filename = "hint.php";
        $this->contents = "you guess";
    }
    public function fileread(){
        echo "keep going";
    }
}
$a = $_GET["a"];
$b = $_GET["b"];
$c = $_GET["c"];
$d = $_GET["d"];
$e = $_GET["e"];
$f = $_GET["f"];
$g = $_GET["g"];
$class = new $a($b);
$str1 = substr($class->$c(),$d,$e);
$str2 = substr($class->$c(),$f,$g);
$str1($str2);
// var_dump($str2);
// $str1($str2);
?>
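The first thing that came to mind was that $a could be the reflection class ReflectionClass.
Then use the reflection class's getDocComment method to get the comment.
The comment contains the function name readfile and the file name hint.php.
Split the string and piece the call together. It isn't very hard; it's just that the ReflectionClass reflection class isn't something you normally use.
Success screenshot attached.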
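
For the defensive side of the pattern discussed in this thread, here is an added example (not code from any poster) of the same dispatch restricted by an allow-list, so request parameters can only name an expected class and method and no request-derived string is ever called as a function. The `dispatch` function and the `ALLOWED_CLASSES` table are hypothetical names, and the sample requests are constructed.

```php
<?php
// Added example, not from the thread: allow-list dispatch replacing
// new $a($b), $class->$c() and $str1($str2).
final class Hello
{
    public string $filename = 'hint.php';
    public string $contents = 'you guess';

    public function fileread(): string
    {
        return 'keep going';
    }
}

// Hypothetical allow-list: each permitted class maps to its callable methods.
const ALLOWED_CLASSES = ['Hello' => ['fileread']];

function dispatch(array $query): string
{
    $class  = $query['a'] ?? '';
    $method = $query['c'] ?? '';
    // Reject array-valued parameters such as ?a[]=x before any lookup.
    if (!is_string($class) || !is_string($method)) {
        throw new InvalidArgumentException('parameters must be strings');
    }
    // Exact-match lookup: built-in classes like ReflectionClass never match.
    $methods = ALLOWED_CLASSES[$class] ?? null;
    if ($methods === null || !in_array($method, $methods, true)) {
        throw new InvalidArgumentException('class or method not allowed');
    }
    // No request value reaches the constructor, and the return value is
    // treated as data: it is never used as a function name.
    $object = new $class();
    return $object->$method();
}

// Constructed sample requests: one expected, one shaped like the thread's idea.
$samples = [
    ['a' => 'Hello', 'c' => 'fileread'],
    ['a' => 'ReflectionClass', 'b' => 'Hello', 'c' => 'getDocComment'],
];
foreach ($samples as $q) {
    try {
        echo dispatch($q), PHP_EOL;
    } catch (InvalidArgumentException $e) {
        echo 'rejected: ', $e->getMessage(), PHP_EOL;
    }
}
```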