1.测试test.php info.php php_info.php phpinfo.php
: n l( ?& \9 m! e' x. |
# a2 B* Z9 l5 y% }2 ~" z4 X' S0 [2.扫描看有没有fck编辑器,如果有就用fckeditor\editor\dialog\fck_spellerpages\spellerpages\server-scripts\spellchecker.php爆 C# ]2 X3 L2 L6 e4 ~
, \" E8 t2 S* Y0 Z9 B$ u- ~3.看看有没有phpmyadmin或者phpMyAdmin利用phpMyAdmin/libraries/select_lang.lib.php/ M4 B( O) [5 `, @
phpMyAdmin/darkblue_orange/layout.inc.php
B3 M# \ c" @+ z5 AphpMyAdmin/index.php?lang[]=1
2 |9 ~; s9 [. ]6 w7 A" pphpmyadmin/themes/darkblue_orange/layout.inc.php
% h D0 t" b2 c- m, A7 p4.利用搜索引擎爆绝对路径
9 B% j1 `, X) nsite:www.huangse.com Warning
' T! [1 Y2 @1 h; i' Osite:www.huangse.com inurl:Warning
+ a/ G$ q' P" q. v9 y
; s6 M2 \9 }6 Z% {2 q0 @2 b' m等以后慢慢往上补吧,利用单引号的方法俺就不说了。。。8 x* N- l' R) s0 ~& P" z
|
发表于 2012-9-15 13:49:11
收藏
支持
反对