(PHP)网络安全实验室脚本关快速口算题

<?php

header("content-type:text/html;charset=utf8;");

$url="http://lab1.xseclab.com/xss2_0d557e6d2a4ac08b749b61473a075be1/index.php";

function request_post($url){

//创建一次会话,目的是获得cookie,和计算结果

$ch = curl_init($url);

curl_setopt($ch, CURLOPT_HEADER, true); //返回头信息

curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);//返回数据不直接输出

$filecontent=curl_exec($ch);

curl_close($ch);

//正则获取算式,并计算出来

$pattern="/d+*d++d+*((d++d+))/";

preg_match($pattern,$filecontent,$match);

$res=$match[0];

$pattern1="/d+/";

preg_match_all($pattern1,$res,$match1);

$arr=$match1[0];

$last=(int)$arr[0]*(int)$arr[1]+(int)$arr[2]*((int)$arr[3]+(int)$arr[4]);

//echo $last;

//提取cookie信息

$pattert="/Set-Cookie: (w+=w+)/";

preg_match($pattert,$filecontent,$match);

$cookie=$match[1];

//echo $cookie;

$cont="v=".$last;

$ch=curl_init($url);

curl_setopt($ch, CURLOPT_POST, 1);

curl_setopt($ch, CURLOPT_HEADER, 0);

curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);

curl_setopt($ch, CURLOPT_COOKIE, $cookie);

curl_setopt($ch,CURLOPT_POSTFIELDS,$cont); //发送POST数据

$content=curl_exec($ch);

//echo $cont;

curl_close($ch);

var_dump($content);

}

request_post($url);

结果:

key is 123iohHKHJ%^&*(jkh

相关内容推荐