哈哈哈哈
<?php
class SoFun{
protected $file='index.php';
function __destruct(){
if(!empty($this->file))
{
//查找file文件中的字符串,如果有'\\'和'/'在字符串中,就显示错误
if(strchr($this->file,"\\")===false && strchr($this->file, '/')===false)
{
show_source(dirname (__FILE__).'/'.$this ->file);
}
else{
die('Wrong filename.');
}
}
}
function __wakeup()
{
$this-> file='index.php';
}
public function __toString()
{
return '';
}
}
if (!isset($_GET['file']))
{
show_source('index.php');
}
else{
$file=base64_decode( $_GET['file']);
echo unserialize($file );
}
?> #<!--flag in flag.php-->