1.测试test.php info.php php_info.php phpinfo.php: h0 h) \% D' {; S
6 w+ l3 j% y2 k2.扫描看有没有fck编辑器,如果有就用fckeditor\editor\dialog\fck_spellerpages\spellerpages\server-scripts\spellchecker.php爆
- {- X! s3 [. ?& [) x1 C" o4 L9 b
3.看看有没有phpmyadmin或者phpMyAdmin利用phpMyAdmin/libraries/select_lang.lib.php
& C/ K3 [9 s n+ VphpMyAdmin/darkblue_orange/layout.inc.php" c0 g( ^$ Y/ y. M$ L' m
phpMyAdmin/index.php?lang[]=12 @6 w! Z( K5 X( D! {& D. D
phpmyadmin/themes/darkblue_orange/layout.inc.php) s) s9 e4 t/ A- j
4.利用搜索引擎爆绝对路径
5 F" U' _+ y1 x8 `2 {site:www.huangse.com Warning
" p) s3 J$ A" [! J9 I8 p. s" H* Rsite:www.huangse.com inurl:Warning" C. t$ m- |" Q; W9 ?5 `- n
! _. Y4 O, T/ _ K3 q+ ?
等以后慢慢往上补吧,利用单引号的方法俺就不说了。。。5 r* ~/ o z* L$ j
|
发表于 2012-9-15 13:49:11
收藏
支持
反对