版权声明:a3uRa QQ:962620891 github:asuralinmo.github.io https://blog.csdn.net/qq_41173457/article/details/82149865
include "flag.php";
$a = @$_REQUEST['hello'];
if(!preg_match('/^\w*$/',$a )){
die('ERROR');
}
eval("var_dump($$a);");
show_source(__FILE__);
?>
代码审计get传入
?hello=GLOBALS
得到flag