Warning: preg_match(): No ending delimiter '_' found in /var/www/html/magic3/index.php on line 4
<?php
include "./config.php";
if(preg_match('_',$_SERVER['QUERY_STRING'])){
die('Do not hacking!');
}
if(isset($_GET['__flag__'])){
echo $flag;
}
show_source(__FILE__);
?>아래는 페이지 소스 보기.
<br />
<b>Warning</b>: preg_match(): No ending delimiter '_' found in <b>/var/www/html/magic3/index.php</b> on line <b>4</b><br />
<code><span style="color: #000000">
<span style="color: #0000BB"><?php<br /> </span><span style="color: #007700">include </span><span style="color: #DD0000">"./config.php"</span><span style="color: #007700">;<br /><br /> if(</span><span style="color: #0000BB">preg_match</span><span style="color: #007700">(</span><span style="color: #DD0000">'_'</span><span style="color: #007700">,</span><span style="color: #0000BB">$_SERVER</span><span style="color: #007700">[</span><span style="color: #DD0000">'QUERY_STRING'</span><span style="color: #007700">])){<br /> die(</span><span style="color: #DD0000">'Do not hacking!'</span><span style="color: #007700">);<br /> }<br /> if(isset(</span><span style="color: #0000BB">$_GET</span><span style="color: #007700">[</span><span style="color: #DD0000">'__flag__'</span><span style="color: #007700">])){<br /> echo </span><span style="color: #0000BB">$flag</span><span style="color: #007700">;<br /> }<br /><br /> </span><span style="color: #0000BB">show_source</span><span style="color: #007700">(</span><span style="color: #0000BB">__FILE__</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">?></span>
</span>
</code>
isset() 이 변수가 설정되어있는지 확인해보는 함수이기 때문에 __flag__ 변수를 설정해 GET할 수 있도록 하면 TRUE가 반환된다.
'CTF > SWING CTF 2023' 카테고리의 다른 글
| [Misc] Can U guess? (0) | 2023.08.05 |
|---|---|
| [Web] Magic-4 (0) | 2023.08.05 |
| [Web] Magic-2 (0) | 2023.08.05 |
| [Web] Magic-1 (0) | 2023.08.05 |
| [Misc] Nogada (0) | 2023.08.05 |
