I haven't written an article for a long time. Today I will write an article about spam. First, I met a station during the bypass process and scanned it with wwwscan according to my habits. Go to the backend address and database Enter the background. When I saw the backup database, I thought it was better. Unexpectedly ....
Sadly, no asp asa cer is available for the backup name. Php is acceptable, but php is not parsed. So I thought of creating a folder 1.asp. That is to say, by using the Backup Directory, you can write a new one, but still filter out asp. So, I tried to crack the background and finally, my friend sent a webshell, he said he didn't know either. It was the webshell that his friend won. He doesn't know the method either. I'm dizzy. Then I thought, he must leave something in the process. So I looked at it. Our masterpiece .... Hey, he hasn't deleted it. I found out. This is the case. S. ASA; mdb. mdb
But I tried it before. 1. asa; 1, but it doesn't work. Let's take a closer look at the case of ASA in upper case... Finally, I understood that he filtered out asp asa, but I didn't worry too much about the ASA capital, and it was a mistake to write code. The webshell is successfully obtained. |