1.测试test.php info.php php_info.php phpinfo.php
$ u H4 v: N2 F1 q9 c' t6 h, K* r$ v( B& {- u- Z1 L# \8 G
2.扫描看有没有fck编辑器,如果有就用fckeditor\editor\dialog\fck_spellerpages\spellerpages\server-scripts\spellchecker.php爆
0 i6 U4 |0 Y; q, _$ Z3 v
4 K# l4 P3 c% P& ^) [, ], \3.看看有没有phpmyadmin或者phpMyAdmin利用phpMyAdmin/libraries/select_lang.lib.php
' R( s0 }" J/ T; y+ t: c1 y) iphpMyAdmin/darkblue_orange/layout.inc.php } C$ V2 d7 {3 B5 L
phpMyAdmin/index.php?lang[]=1; z: Y+ L8 C% x" r U3 I
phpmyadmin/themes/darkblue_orange/layout.inc.php
7 e# v9 D) j8 V1 E* L1 N1 X4.利用搜索引擎爆绝对路径% X8 D/ Q& z3 }" K% `
site:www.huangse.com Warning
3 v7 k. P5 f6 T' `site:www.huangse.com inurl:Warning
7 [1 o( p% l6 j. ?0 z4 e% m: ]" |* j, B
等以后慢慢往上补吧,利用单引号的方法俺就不说了。。。- H4 j; k5 s7 s% b9 [8 c
|
发表于 2012-9-15 13:49:11
收藏
支持
反对