Author: Cherry Blossom prodigal son [I .s. T] Intruders Technical Forum 5 m 'c5m5n55g' i6c-B-A * z
Source:
Http://www.hacklu.netHacker technology, intrusion technology, hacker technology exchange) M # D: O (v8t * Y) F: O
Note: Please note the copyright for reprinting. This article is copyrighted by 1st and Sakura prodigal son .!
2u (D7} 3 {"R -? Hacker technology, intrusion technology, hacker technology exchange www.intruder.com.cn, Q ('8i1k0d! W'm-_ 4b! {
Here, we only study the intrusion technology of computer hackers! 9Q W3 {5 H "m
I tested the vulnerability announcement from the Red Wolf, and the success rate was quite high. : @ "H1z5j % j1b, O, L b0l, y s only studies computer hacker intrusion technologies here! Description: any file name starting with. php, Apache are used as PHP File Parsing www.intruder.com. cn1l, I: V * q $ P-E! X /_
Here, we only study the intrusion technology of computer hackers! $ N8p7c7t8i0p2z
For example, ". php. Comment" will be parsed as a PHP file, resulting in a series of vulnerabilities. (] 'n')} 'r0h :@
# Z: Y 'K/c9fwww.intruder.com. cnmg is a popular PHP + HTML image management program in foreign countries. Due to the cracking of the commercial version, the program has been widely spread,
/Q + k5e0? 4f +? Search for the keyword "owered by Mg 2 v0.5.1" hacker technology, intrusion technology, hacker technology exchange + O (J. U) D-D "F
The latest version has the file Write vulnerability, which can be configured with the Apache vulnerability directly by using shell.
3 T. C. R/C) K! W & G % B! Z only studies the intrusion technology of computer hackers! : V; H (f5b, T8 @ * g4h * I
The addcomment () function in des/mg2_functions.php is as follows: www.intruder.com.cn-z5b; A (R % d "X" W'] * [3O) x 'G
#~ 2g3a-g3m; s7e intruder Technology Forum code: Here we only study computer hacker intrusion technology! 3X * L3 {4o0q: c2C-C9g + x9 [
3] 1j; J: ['a4h5z! G hacker technology | intrusion technology | penetration technology function addcomment () {intruder Technology Forum $ w7y! T; x2g/d3k + H
$ _ Request ['filename'] = $ this-> charfix ($ _ request ['filename']);
* Z/q) x2j #@. t2} $ request $ _ request ['input'] = $ this-> charfix ($ _ request ['input']); here we only study the intrusion technology of computer hackers! ]; N2w * _ 6g, O
$ _ Request ['email '] = $ this-> charfix ($ _ request ['email']);
9 @ 3 \ 5 _ * j: X & F "@ intruder technical forum $ _ request ['name'] = $ this-> charfix ($ _ request ['name']);
; E ([(E & o9v/X & N $ _ request ['input'] = strip_tags ($ _ request ['input'], "<B> </B> <I> </I> <u> </u> <strong> </strong> <em> </em> "); hacker technology | intrusion technology | penetration technology; L $ T | % I $ U "m3 '.? 0n
$ _ Request ['input'] = str_replace ("\ n", "<br/>", $ _ request ['input']);
/R$} & T %} + K. N hacker technology, intrusion technology, hacker technology exchange $ _ request ['input'] = str_replace ("\ r", "", $ _ request ['input']);
;} + Z (K, F, n here only studies computer hacker intrusion technology! If ($ _ request ['input']! = "" & $ _ Request ['name']! = "" & $ _ Request ['email ']! = "") {Hacker technology, intrusion technology, hacker technology exchange-C & u9v (N * z
$ This-> readcomments ("pictures/". $ _ request ['filename']. ". Comment"); only the intrusion technology of computer hackers is studied here! 0 [5d; w a % N. P3 \ 'q
$ Comment_exists = $ this-> select ($ _ request ['input'], $ this-> comments, 3, 1, 0); intruder Technical Forum/g6d1e4 [. a9j6g8l & R @
$ Comment_exists = $ this-> select ($ _ request ['name'], $ comment_exists, 0); here we only study computer hacker intrusion technology! 1j! Y: Z1 {; W + {5i2w
$ Comment_exists = $ this-> select ($ _ request ['email '], $ comment_exists, 2, 1, 0 );
$ V0h "| fig (A 'l * n4c2 \ www.intruder.com.cn if (count ($ comment_exists) = 0 ){
, K1] (w-I6v * r: O, zwww.intruder.com.cn $ this-> comments [] = array (Time (), $ _ request ['name'], $ _ request ['email '], $ _ request ['input']); only the intrusion technology of computer hackers is studied here! # Y8 '5z0x. @ # l4h + x
$ This-> writecomments ($ _ request ['filename']. ". Comment ");
/Q0i % q) m; W "r5d.......www.intruder.com.cn & S l2m,] 6O/k5f
; V-I $ v % R8 ^) L + v1m8r here only studies computer hacker intrusion technology! [Copy to clipboard]
* F) C + B 'r9n1p4p intruders Technical Forum, v5x/S % w1x4s $ v
5 ~ (I5G + u * n hacker technology | intrusion technology | penetration technology vulnerabilities are obvious. You can customize the comment file name if your custom filename is ". PHP ", then the program will be in hacking technology | intrusion technology | penetration technology; s9j4w (I/y5h4o + q" V']
The image root directory generates a ". php. Comment" file. Due to Apache vulnerabilities, this program is parsed as a PHP file, and webshell is ready.
'': B0O-n #}) N: r3z! V hacker technology, intrusion technology, hacker technology exchange
3X $ ~ 2 T, i6_2 [$ R) r y here only studies computer hacker intrusion technology! Exploitation process: go to Google to find a website with a vulnerability. The keyword "powered by Mg" is used to put the website to the exploitation tool written by Tong, as shown in Figure 1www.intruder.com.cn/?&w=a2f=g2d.
Intrusion technology, hacker technology exchange 6u9? & V5d ~
# H "w2t * w-w + {hacker technology | intrusion technology | penetration technologyClick Upload shell first, and wait for the webpage to return and then access shell. If the page shown in Figure 2 appears, the upload is successful. 3u "d0m; O * v4c4m
Www.intruder.com.cn p3a7? $ M + _
'N' (W/} 4 W; F $ T: E hacker Technology Forum hacker technology, intrusion technology, hacker technology exchange + T: ''R & F) t4i
Click a dedicated link to download the connection page. Figure 3. Write the webpage in the program and Click Upload. If the page shown in Figure 4 is successful, set TT. PHP. comment
Communication 3j $ E (| )@! S
The name of your Trojan is successful, and I am not familiar with the Lin system, so it is difficult to raise the right. I just hung a black page, and it seems that there is no black page in a year, haha. Figure 5. The tool is packaged for everyone. Intruders Technical Forum-A + z "W/! S' {4 V