1.测试test.php info.php php_info.php phpinfo.php# G0 [9 f( X& \1 V- ^4 T0 K
: t& ?0 Z5 j/ f& F- @$ \" x
2.扫描看有没有fck编辑器,如果有就用fckeditor\editor\dialog\fck_spellerpages\spellerpages\server-scripts\spellchecker.php爆: Y+ {! D6 [/ ?& y9 j. B
+ f& O# w0 f# u
3.看看有没有phpmyadmin或者phpMyAdmin利用phpMyAdmin/libraries/select_lang.lib.php6 g1 |1 k" o* @/ a6 }
phpMyAdmin/darkblue_orange/layout.inc.php
+ r' @2 }! z& S" V7 yphpMyAdmin/index.php?lang[]=1
" S3 F" H3 R; n; o1 |$ _( d7 {phpmyadmin/themes/darkblue_orange/layout.inc.php
2 H- P* V3 u' n1 z/ q$ M+ g4.利用搜索引擎爆绝对路径
7 j" B5 v- `5 O8 dsite:www.huangse.com Warning; `) b& o2 `! s9 [
site:www.huangse.com inurl:Warning
6 s+ n9 j% {" k% |& ?9 y0 q4 E3 f
等以后慢慢往上补吧,利用单引号的方法俺就不说了。。。
, j6 r: j, U; w2 ]+ G' `& F |