<?php
    header("content-type:text/html;charset=utf-8");
    highlight_file(__FILE__);
    $url = 'http://'. $_GET[url];
     $url = str_replace('..','',$url);
        // $link = str_replace('./','',$link);
        $url = str_replace('conn','',$url);
    $parsed = parse_url($url);
    if( $parsed[port] == 80 ){  // 这里限制了我们传过去的url只能是80端口的
      readfile($url);
    } else {
      die('Hacker!');
    }
?>


Warning: readfile(http://127.0.0.1:1234:80/flag.txt): failed to open stream: Connection refused in /home/wwwroot/www.nanhack.com/payload/ssrf/submit/ssrf5.php on line 10