0ctf Wallbreaker Easy Writeup
本文首发于先知
周末打了两天, 自闭 web 狗就做出来这一题, 另一题不知道调用啥 mbean 能拿 shell. 总之题目质量真的是非常高, 学到了很多.
描述 1Imagick is a awesome library for hackers to break `disable_functions`. 2So I installed php-imagick in the server, opened a `backdoor` for you. 3Let's try to execute `/readflag` to get the flag. 4Open basedir: /var/www/html:/tmp/949c1400c8390865cb5939a106fec0b6 5Hint: eval($_POST["backdoor"]);