
The godlike eval

<?php echo eval("?>".$x."<?") ?>

My god, this line of code is too brilliant!!!

Damn, this line of code...

This is not an answer per se, but here’s something interesting:

$y = str_replace('z', 'e', 'zxzc');
$y("malicious code");

In the same spirit, call_user_func_array() can be used to execute obfuscated functions.

Functions to filter:

eval
exec
passthru
system
shell_exec
``
popen
proc_open
pcntl_exec
assert
preg_replace
create_function
function
include
include_once
require
require_once
$_GET
ReflectionFunction
str_replace
invoke
invokeArgs
phpinfo
ob_start
array_diff_uassoc
array_diff_ukey
array_filter
array_intersect_uassoc
array_intersect_ukey
array_map
array_reduce
array_udiff_assoc
array_udiff_uassoc
array_udiff
array_uintersect_assoc
array_uintersect_uassoc
array_uintersect
array_walk_recursive
array_walk
assert_options
uasort
uksort
usort
preg_replace_callback
spl_autoload_register
iterator_apply
call_user_func
call_user_func_array
register_shutdown_function
register_tick_function
set_error_handler
set_exception_handler
session_set_save_handler
sqlite_create_aggregate
sqlite_create_function
posix_mkfifo
posix_getlogin
posix_ttyname
getenv
get_current_user
proc_get_status
get_cfg_var
disk_free_space
disk_total_space
diskfreespace
getcwd
getlastmod
getmygid
getmyinode
getmypid
getmyuid
extract
parse_str
putenv
ini_set
mail
header
proc_nice
proc_terminate
proc_close
pfsockopen
fsockopen
apache_child_terminate
posix_kill
posix_setpgid
posix_setsid
posix_setuid
fopen
tmpfile
bzopen
gzopen
SplFileObject
chgrp
chmod
chown
copy
file_put_contents
lchgrp
lchown
link
mkdir
move_uploaded_file
rename
rmdir
symlink
tempnam
touch
unlink
imagepng
imagewbmp
image2wbmp
imagejpeg
imagexbm
imagegif
imagegd
imagegd2
iptcembed
ftp_get
ftp_nb_get
file_exists
file_get_contents
file
fileatime
filectime
filegroup
fileinode
filemtime
fileowner
fileperms
filesize
filetype
glob
is_dir
is_executable
is_file
is_link
is_readable
is_uploaded_file
is_writable
is_writeable
linkinfo
lstat
parse_ini_file
pathinfo
readfile
readlink
realpath
stat
gzfile
readgzfile
getimagesize
imagecreatefromgif
imagecreatefromjpeg
imagecreatefrompng
imagecreatefromwbmp
imagecreatefromxbm
imagecreatefromxpm
ftp_put
ftp_nb_put
exif_read_data
read_exif_data
exif_thumbnail
exif_imagetype
hash_file
hash_hmac_file
hash_update_file
md5_file
sha1_file
highlight_file
show_source
php_strip_whitespace
get_meta_tags
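As an added example (not code from the original post), here is a small Python audit script that applies the post's points to PHP source from the defender's side: it flags direct calls to names on the filter list above (a constructed subset is embedded), variable function calls such as `$y(...)` where the real name was assembled at runtime, and the `eval("?>" ...)` tag-closing trick from the first snippet. The deny-list subset and the sample PHP lines are constructed for illustration.

```python
import re

# Subset of the post's filter list, constructed for this example; extend as needed.
DANGEROUS_FUNCS = {
    "eval", "exec", "passthru", "system", "shell_exec", "popen", "proc_open",
    "pcntl_exec", "assert", "create_function", "call_user_func",
    "call_user_func_array", "preg_replace_callback", "array_map", "usort",
    "register_shutdown_function", "file_put_contents", "str_replace",
}

# Direct call: identifier followed by '(' and not preceded by '$', '\', '>' or a word
# character, so '$var(', 'Ns\name(' and '->method(' are not counted here.
# PHP function names are case-insensitive, hence the lower() below.
DIRECT_CALL_RE = re.compile(r"(?<![\w$\\>])\\?([A-Za-z_]\w*)\s*\(")
# Variable function call, e.g. '$y(' after '$y = str_replace(...)' built the name at runtime.
VAR_CALL_RE = re.compile(r"\$\w+\s*\(")
# eval whose string argument opens with '?>': the remainder is treated as inline
# HTML/PHP, so any '<?php ... ?>' fragment carried in the variable is executed.
EVAL_CLOSE_TAG_RE = re.compile(r"eval\s*\(\s*[\"']\s*\?>", re.IGNORECASE)


def scan_php(source: str) -> list[tuple[int, str, str]]:
    """Return (line_no, kind, detail) for each suspicious construct, in source order."""
    findings = []
    for lineno, line in enumerate(source.splitlines(), 1):
        for m in DIRECT_CALL_RE.finditer(line):
            name = m.group(1).lower()
            if name in DANGEROUS_FUNCS:
                findings.append((lineno, "direct-call", name))
        for m in VAR_CALL_RE.finditer(line):
            findings.append((lineno, "variable-function", m.group(0).rstrip("( ")))
        if EVAL_CLOSE_TAG_RE.search(line):
            findings.append((lineno, "eval-close-tag", line.strip()))
    return findings


# Constructed sample: the post's two snippets, one dynamic call and one benign line.
SAMPLE_PHP = r'''<?php echo eval("?>".$x."<?") ?>
$y = str_replace('z', 'e', 'zxzc');
$y("malicious code");
call_user_func_array($fn, $args);
$clean = htmlspecialchars($input);
'''

if __name__ == "__main__":
    for lineno, kind, detail in scan_php(SAMPLE_PHP):
        print(f"line {lineno}: {kind}: {detail}")
```

Line-based regex matching is a triage aid, not a parser: it also reports a function *definition* named like a deny-listed function and cannot resolve names built by string manipulation, which is exactly why the post's `str_replace` example still needs the variable-function check.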

Published in Diary
