1.测试test.php info.php php_info.php phpinfo.php
7 y8 D# u1 k1 Y8 J
$ V# Z! Z" n+ {% G2.扫描看有没有fck编辑器,如果有就用fckeditor\editor\dialog\fck_spellerpages\spellerpages\server-scripts\spellchecker.php爆4 m: V/ d7 T; ]3 Q& i0 _1 F, ]
" R( e8 y: i, C3.看看有没有phpmyadmin或者phpMyAdmin利用phpMyAdmin/libraries/select_lang.lib.php
; f0 s. W* e3 G- Y+ ~phpMyAdmin/darkblue_orange/layout.inc.php
2 D3 @ E7 a0 x5 VphpMyAdmin/index.php?lang[]=1
/ o5 L' P2 T# f5 }8 O4 g! J iphpmyadmin/themes/darkblue_orange/layout.inc.php
' z _: p! O- l1 h$ R4.利用搜索引擎爆绝对路径
7 w" m: q& ^& |* B) C) ssite:www.huangse.com Warning
4 J4 r n/ F9 j9 Z6 psite:www.huangse.com inurl:Warning
. j- z, m7 g* J3 {0 S# k; u, m$ T4 m7 x+ q0 \1 H8 }0 u; z
等以后慢慢往上补吧,利用单引号的方法俺就不说了。。。
& L8 P U% x8 i |
发表于 2012-9-15 13:49:11
收藏
支持
反对