1.测试test.php info.php php_info.php phpinfo.php& S. `* @' a/ X( b
+ E) M$ h5 s8 [2 O+ _2.扫描看有没有fck编辑器,如果有就用fckeditor\editor\dialog\fck_spellerpages\spellerpages\server-scripts\spellchecker.php爆: I9 `8 {, ^: {
+ D3 ~ z4 K9 n9 a7 d
3.看看有没有phpmyadmin或者phpMyAdmin利用phpMyAdmin/libraries/select_lang.lib.php
0 S p3 R$ p6 b& ZphpMyAdmin/darkblue_orange/layout.inc.php
- X" Y3 r1 c3 c" Z1 x; SphpMyAdmin/index.php?lang[]=1
- s8 ]$ [3 W4 W3 p$ Y$ Q0 x" lphpmyadmin/themes/darkblue_orange/layout.inc.php
/ \+ {' a X* m! L) m1 _. K& L5 L4.利用搜索引擎爆绝对路径
+ P1 K: @% i0 t' ssite:www.huangse.com Warning
# {3 G9 G/ K: ^ x% L7 O- Dsite:www.huangse.com inurl:Warning) ] ` N/ i( O7 M+ R' v i
o8 U7 D1 C7 E! C) D. o. J8 E) S! r
等以后慢慢往上补吧,利用单引号的方法俺就不说了。。。
! G3 ], Y- M$ V) H' z1 k. a9 O6 q |