1.测试test.php info.php php_info.php phpinfo.php2 D. n# A. m) Y; l
6 B$ m) \( g& K: h; j: w2.扫描看有没有fck编辑器,如果有就用fckeditor\editor\dialog\fck_spellerpages\spellerpages\server-scripts\spellchecker.php爆3 B( ~& }% m) t: h7 J& l/ z
& w4 }9 }) \. Z, J* I. t# A
3.看看有没有phpmyadmin或者phpMyAdmin利用phpMyAdmin/libraries/select_lang.lib.php
) F+ D) Q& o0 n9 |0 p* T, f" s* N RphpMyAdmin/darkblue_orange/layout.inc.php& c$ e! c5 D2 J& I+ p
phpMyAdmin/index.php?lang[]=1* @$ M- c2 i$ ]. Y
phpmyadmin/themes/darkblue_orange/layout.inc.php
; u) |! \: f. a/ S* b" F7 ^" }4.利用搜索引擎爆绝对路径
1 S" l [$ ~( L8 r+ I4 b1 ]site:www.huangse.com Warning
% e2 G( K! \4 D! Y* _8 y7 ysite:www.huangse.com inurl:Warning
. `/ u: j. ~; T' x1 Z2 n
1 y5 ^9 i+ [) b% d0 u7 [等以后慢慢往上补吧,利用单引号的方法俺就不说了。。。/ f, J1 l: K3 `, q" V% }
|