开始挑战第三十二关(Bypass addslashes)
0x1查看源代码
(1)代码关键点
很明显,代码中利用正则匹配将 [ /,'," ]这些三个符号都过滤掉了
function check_addslashes($string) { $string = preg_replace('/'. preg_quote('\\') .'/', "\\\\\\", $string); //escape any backslash $string = preg_replace('/\'/i', '\\\'', $string); //escape single quote with a backslash $string = preg_replace('/\"/', "\\\"", $string); //escape double quote with a backslash return $string; }