The latest vulnerabilities are simply Webshell.
========================================================================================
Hello, everyone. I'm ☆ black sweater ☆~~
This tutorial teaches everybody the newest loophole is simple to Webshell
Exploit the latest vulnerabilities (degree: severity)
I heard that there has not been out of the fix .... Oh ~ Maybe some people read the tutorial, but also some unknown white bar.
So, let's try this loophole this time. How to use it ...
Preparation Tool: eval backdoor execution procedure; picture Trojan;
1. Baidu-Advanced Search-keywords (input: reg/user_reg.asp)
2. Click on the site to enter the registration page (Note: Registered user name please format: xxx.asp)
Oh ~ because not prepared in advance ~ more than a few ha
3. Upload the image by uploading the Code Trojan Horse (/user/upload.asp?dialogtype=userblogpic&size=5)
Picture upload Successful
3. Connect the Trojan with a word connector (eval back door execution program)
Save to d:/www/web69112514/wwwroot/mail.asp Success! success
4. Success in getting Webshell
Let's get some more.
Http://www.w138.com/mail.asp
Http://www.ts-edu.org/mail.asp