1.测试test.php info.php php_info.php phpinfo.php3 x6 G1 }0 }1 A' E+ m# O
" @8 ?, Z. [) f9 m- N2.扫描看有没有fck编辑器,如果有就用fckeditor\editor\dialog\fck_spellerpages\spellerpages\server-scripts\spellchecker.php爆3 _' ~ J J( X+ v% J2 v u
, F; A. F, P U2 v$ X) m) |2 i3.看看有没有phpmyadmin或者phpMyAdmin利用phpMyAdmin/libraries/select_lang.lib.php+ d# |9 v8 k5 j7 V% Q/ y- r* q
phpMyAdmin/darkblue_orange/layout.inc.php
. w) q8 B" l; j9 \" |( rphpMyAdmin/index.php?lang[]=12 U0 W$ f$ ]5 C; j! d4 k6 x8 L: N
phpmyadmin/themes/darkblue_orange/layout.inc.php, O! G; t b; h2 P
4.利用搜索引擎爆绝对路径
! ]3 h0 X8 v7 r' E' R; Rsite:www.huangse.com Warning. K- z' N+ P- E1 M+ y% t/ d
site:www.huangse.com inurl:Warning
! }/ ^0 m0 Y0 F; u3 j' D
2 X6 V- O7 Y2 W; n F8 z; Q等以后慢慢往上补吧,利用单引号的方法俺就不说了。。。/ M' T c0 ^. u5 v( ~
|
发表于 2012-9-15 13:49:11
收藏
支持
反对