code
<?php
//flag在/flag中
error_reporting(0);
$cmd = $_GET['cmd'];
function check(){
global $cmd;
$blacklist = ["print"," ","exit","die","eval","[","]","*","'","\"","`","echo"];
$blacklist = array_merge($blacklist, get_defined_functions()['internal']);
foreach($blacklist as $i){
if (preg_match ('/' . $i . '/im', $cmd)) {
echo "Your cmd is in blacklist" . "<br>";
return true;
break;
}
}
return false;
}
$file=$_GET['file'];
if(is_file($file)){
echo "You can't use inner file" . "<br>";
}
else{
if(file_exists($file)){
if(check()){
echo "Stop hack!!!" . "<br>";
}else{
eval($cmd);
}
}else{
echo "file isn't exist" . "<br>";
}
}
highlight_file(__FILE__);
?>