uplload 通关纪实 pass20
Posted 安全界 的彭于晏
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了uplload 通关纪实 pass20相关的知识,希望对你有一定的参考价值。
$is_upload = false;
$msg = null;
if (isset($_POST['submit']))
if (file_exists(UPLOAD_PATH))
$deny_ext = array("php","php5","php4","php3","php2","html","htm","phtml","pht","jsp","jspa","jspx","jsw","jsv","jspf","jtml","asp","aspx","asa","asax","ascx","ashx","asmx","cer","swf","htaccess");
$file_name = $_POST['save_name'];
$file_ext = pathinfo($file_name,PATHINFO_EXTENSION);
if(!in_array($file_ext,$deny_ext))
$temp_file = $_FILES['upload_file']['tmp_name'];
$img_path = UPLOAD_PATH . '/' .$file_name;
if (move_uploaded_file($temp_file, $img_path))
$is_upload = true;
else
$msg = '上传出错!';
else
$msg = '禁止保存为该类型文件!';
else
$msg = UPLOAD_PATH . '文件夹不存在,请手工创建!';
首先写一个一句话木马:
之后上传20.php.(我重命名时是命名为20.php.,可能后面那个点不会显示出来),然后保存名称也修改为20.php.,如下图所示:
之后可以访问下这个地址,也可以通过检查元素看到它的保存路径:
然后用菜刀进行连接:
成功访问到:
以上是关于uplload 通关纪实 pass20的主要内容,如果未能解决你的问题,请参考以下文章