1.测试test.php info.php php_info.php phpinfo.php
3 p" V' L# S# h& f* C4 j! E# h# p3 z3 g( z0 b
2.扫描看有没有fck编辑器,如果有就用fckeditor\editor\dialog\fck_spellerpages\spellerpages\server-scripts\spellchecker.php爆
: x$ N+ W2 z7 ^( \/ l
$ _/ o, p* j6 P1 l7 ]3.看看有没有phpmyadmin或者phpMyAdmin利用phpMyAdmin/libraries/select_lang.lib.php0 T; q/ m9 C J! M- ^ L
phpMyAdmin/darkblue_orange/layout.inc.php' X- F7 ?; x1 m9 @8 x' `1 N4 z6 _1 f
phpMyAdmin/index.php?lang[]=1
4 k, C! p3 W5 y* vphpmyadmin/themes/darkblue_orange/layout.inc.php0 c; P4 n+ E9 I
4.利用搜索引擎爆绝对路径2 P4 L5 N/ o7 ?3 w5 z6 m
site:www.huangse.com Warning/ O6 v1 |1 F5 X6 Y+ S, g1 r
site:www.huangse.com inurl:Warning+ {0 L! Y j; d4 }
# E3 I; P9 P" ^: [7 p* L等以后慢慢往上补吧,利用单引号的方法俺就不说了。。。
; y* A2 b+ y* w8 Z' X' C. Y |