‘’[HITCON 2017]SSRFme‘’
# [HITCON 2017]SSRFme
127.0.0.1<?php
if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$http_x_headers = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
$_SERVER['REMOTE_ADDR'] = $http_x_headers[0];
}
echo...
more...