1.测试test.php info.php php_info.php phpinfo.php
& B. Z4 e: w& r
% C4 q6 {6 Z* l$ k" |2.扫描看有没有fck编辑器,如果有就用fckeditor\editor\dialog\fck_spellerpages\spellerpages\server-scripts\spellchecker.php爆
/ K2 X8 R- b: u& \2 p7 w
8 n. ^4 G# {* }, Z3 G# A& C3.看看有没有phpmyadmin或者phpMyAdmin利用phpMyAdmin/libraries/select_lang.lib.php
- n/ f$ u5 |) {4 P* h X: KphpMyAdmin/darkblue_orange/layout.inc.php" x: [8 t! O( V0 S3 i* m; b0 p
phpMyAdmin/index.php?lang[]=1
" `3 @& n; s$ m: r2 M8 s, m! q" pphpmyadmin/themes/darkblue_orange/layout.inc.php
" n4 G7 U9 l0 R. r `4.利用搜索引擎爆绝对路径
+ B3 l* B% \5 r( T: y! Ysite:www.huangse.com Warning, f$ A1 e4 E) k+ N
site:www.huangse.com inurl:Warning
3 h4 P: ~% Q. t) E" f
, s r0 A* x- p6 E等以后慢慢往上补吧,利用单引号的方法俺就不说了。。。: L1 l$ N f1 ^( ?9 x( F5 y
|
发表于 2012-9-15 13:49:11
收藏
支持
反对