1.测试test.php info.php php_info.php phpinfo.php) m3 S1 H$ B8 r+ w( G% d% R! d
: I6 G) m$ |: T* `" b6 D2.扫描看有没有fck编辑器,如果有就用fckeditor\editor\dialog\fck_spellerpages\spellerpages\server-scripts\spellchecker.php爆
3 f5 A* Q& D& Q' T5 w# q9 L. M
& [7 h/ w9 h$ p8 F( d9 L+ _8 ^3.看看有没有phpmyadmin或者phpMyAdmin利用phpMyAdmin/libraries/select_lang.lib.php
9 \$ ^1 g8 G, C8 ^phpMyAdmin/darkblue_orange/layout.inc.php: L `" g" ]( c3 Q1 ^5 Y8 `9 J
phpMyAdmin/index.php?lang[]=1
7 x% }; q! K& ~' x: sphpmyadmin/themes/darkblue_orange/layout.inc.php
: d7 C. F3 `4 ^! f5 w; Q1 m4.利用搜索引擎爆绝对路径
3 L9 m5 i7 O a1 m# gsite:www.huangse.com Warning4 P6 v" [2 h: _: r/ L
site:www.huangse.com inurl:Warning
" \3 s+ r0 b$ h9 B/ H. u
* R9 N/ u( ~6 U- h! P, b等以后慢慢往上补吧,利用单引号的方法俺就不说了。。。
# R* Y7 A1 u) P' o |