前言
[flask|文件覆盖]
from flask import Flask, request, Response
from requests import get
app = Flask(__name__)
@app.route('/')
def index():
return Response(open(__file__).read(), mimetype='text/plain')
@app.route('/upload', methods=["POST"])
def upload_post():
if "file" not in request.files:
return "File format error"
file = request.files['file']
if file.filename == '':
return "File format error"
file.save("./uploads/" + file.filename)
return f"Upload success! Saved {file.filename}"
@app.route('/flag')
def check():
flag = open("/flag").read()
get(f"http://localhost/{flag}")
return "Flag is already sent"
if __name__ == '__main__':
app.run("0.0.0.0","80")题解
上传requests.py,修改get()函数即可。
如果出网直接请求https://beeceptor.com/
不出网就写文件到upload。
![赛题笔记-[CISCN2022]总决赛-第一天](/medias/featureimages/51.jpg)