upload
好好学习不好吗?
这个作者很懒,什么都没留下…
展开
-
大家好,我换博客了 嘻嘻
我的新博客原创 2019-11-15 09:54:24 · 158 阅读 · 0 评论 -
upload pass20
$is_upload = false;$msg = null;if(!empty($_FILES['upload_file'])){ //检查MIME $allow_type = array('image/jpeg','image/png','image/gif'); if(!in_array($_FILES['upload_file']['type'],$allow_...原创 2019-11-07 17:05:26 · 341 阅读 · 0 评论 -
upload pass-16
#upload-labspass-16在这里必须好好诉诉苦,弄了好久/(ㄒoㄒ)/~~首先上网弄一张.gif的图片,往里面弄一句话木马直接上传,然而发现C刀连接不了,查看源代码。发现有二次渲染在搞鬼,猜测它将我在1.gif最后的一句话给渲染没了,所以我只能将靶机上的图片跟我上传的图片进行对比,看看哪些是渲染前后都没有改变的,然后往1.gif没有改变的区域再加入一句话木马,然后直接上传,最后...原创 2019-11-07 15:55:12 · 176 阅读 · 0 评论 -
upload-labs pass19
upload -labs pass19$is_upload = false;$msg = null;if (isset($_POST['submit'])) { if (file_exists(UPLOAD_PATH)) { $deny_ext = array("php","php5","php4","php3","php2","html","htm","phtml"...原创 2019-11-07 14:17:11 · 363 阅读 · 0 评论 -
upload -labs pass17
#upload -labs pass17#######################unlink() 函数删除文件。若成功,则返回 true,失败则返回 false。语法unlink(filename,context)#######################$is_upload = false;$msg = null;if(isset($_POST['submit']...原创 2019-11-07 13:06:02 · 562 阅读 · 0 评论 -
upload-labs pass13
#upload-labspass 13function getReailFileType($filename){ $file = fopen($filename, "rb"); $bin = fread($file, 2); //只读2字节 fclose($file); $strInfo = @unpack("C2chars", $bin); $...原创 2019-11-06 15:33:28 · 484 阅读 · 0 评论 -
upload -labs 4-10
upload -labsPass -04$is_upload = false;$msg = null;if (isset($_POST['submit'])) { if (file_exists(UPLOAD_PATH)) { $deny_ext = array(".php",".php5",".php4",".php3",".php2",".php1",".htm...原创 2019-11-06 11:00:50 · 409 阅读 · 0 评论 -
#upload -labs Pass01-03
#upload-labspass-01首先先直接上传hack.php(<?php eval($_POST['READER']);?>),一句话木马试试水结果出错“该文件不允许上传,请上传.jpg|.png|.gif类型的文件,当前文件类型为:.php”盲猜是前端代码所致,所以采用通用做法先上传一句话木马图片hack.jpg然后通过抓包上传成功,后面就用Cknife连接...原创 2019-11-06 10:08:17 · 209 阅读 · 0 评论 -
upload labs pass11-12(00截断)
#upload-labspass 11$is_upload = false;$msg = null;if(isset($_POST['submit'])){ $ext_arr = array('jpg','png','gif'); $file_ext = substr($_FILES['upload_file']['name'],strrpos($_FILES['uploa...原创 2019-11-06 13:40:07 · 527 阅读 · 0 评论