<?php
#Try to read /flag
if(!isset($_GET['command'])&!isset($_GET['parameter'])) {
show_source(__FILE__);
die();
}
$command = $_GET['command'];
$parameter = $_GET['parameter'];
function filter($data) {
$black_list = array('"', "'", " ","flag", "\n");
foreach ($black_list as $key) {
$data = str_replace($key, '', $data);
}
return $data;
}
$command = filter($command);
popen("$command",$parameter);
?>
请问这个做出来了吗? 解题思路是啥?