标签: xctf

1 篇文章

The 7th XCTF Finals WEB WP
WEB dbtrick admin.php 中读代码可以发现是从ctf.admin中读取username、password,如果能查询出数据着执行readfile('/flag') #admin.php <?php //flag is in /flag $con = new PDO($dsn,$user,$pass); $sql = &quo…