1.测试test.php info.php php_info.php phpinfo.php
P( c3 d* R- r4 ?8 g9 w: R* D/ S, O* m N% D) G
2.扫描看有没有fck编辑器,如果有就用fckeditor\editor\dialog\fck_spellerpages\spellerpages\server-scripts\spellchecker.php爆
$ n. Z7 H# A6 ~" d4 o
. b. Z; R& s" @/ d" f- y6 ~6 F. G; i3.看看有没有phpmyadmin或者phpMyAdmin利用phpMyAdmin/libraries/select_lang.lib.php6 M- C9 ?. T% I$ t6 K, O
phpMyAdmin/darkblue_orange/layout.inc.php
( G. J+ M! J" C( ]* T# IphpMyAdmin/index.php?lang[]=16 U0 m6 {* }2 D2 ~& N: ?
phpmyadmin/themes/darkblue_orange/layout.inc.php
' L% G) b5 v6 e b4.利用搜索引擎爆绝对路径
4 A' ^: v0 X/ F# Y' Jsite:www.huangse.com Warning
/ k v( u4 T* }/ B* `7 fsite:www.huangse.com inurl:Warning
6 D3 p+ O% b* u1 r) y5 L- B
% X$ K2 G. M( P- w& r% v. P等以后慢慢往上补吧,利用单引号的方法俺就不说了。。。: n9 C) `) @! q+ a0 ^( a1 P4 u
|