1.测试test.php info.php php_info.php phpinfo.php7 A' R( T7 T; h1 |
- }# D1 ~1 Q$ Z9 {4 ^1 l; g- i
2.扫描看有没有fck编辑器,如果有就用fckeditor\editor\dialog\fck_spellerpages\spellerpages\server-scripts\spellchecker.php爆4 S4 ~" V# S; u1 ~- _
' k# K7 V) s1 H5 x) |/ q
3.看看有没有phpmyadmin或者phpMyAdmin利用phpMyAdmin/libraries/select_lang.lib.php- t o }0 Q% Z8 i
phpMyAdmin/darkblue_orange/layout.inc.php
' [: o) n, z4 _5 z% {5 r2 C- FphpMyAdmin/index.php?lang[]=1. l" u8 n* r8 t6 x
phpmyadmin/themes/darkblue_orange/layout.inc.php
" Q, ^* S4 R* y( z4.利用搜索引擎爆绝对路径! z! `. a+ X* [. u$ G, T
site:www.huangse.com Warning0 X7 X3 H1 a1 Y) B7 \6 O
site:www.huangse.com inurl:Warning
: t$ B1 e; J+ s8 T; z
) |( u2 y" t6 }3 A0 ?. F等以后慢慢往上补吧,利用单引号的方法俺就不说了。。。4 g p. ^+ |( i5 s8 [
|
发表于 2012-9-15 13:49:11
收藏
支持
反对