Home > Cloud Computing > Cloud Security

Detection of a wp topic sales site

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

First, take a look at the side Station

There is a LANMP, which is an initial Page.

Try the default account and password provided by him. If there is a probe and phpinfo, collect the information first.

After learning about the basic situation, I targeted a DEDECMS. 5.7 of them may be injected. After testing, what's wrong with the character? Failed. Check the Update Time 2012.6. So, other stations are basically well-known CMS, and there have been no holes recently. At this moment, I came into being with an idea that has not passed through the brain and entered the background of dedecms, enter the default account password admin. Oh, my God. The character broke out at this moment. Come in !!

When you come in, upload the file quickly.

That is, it is OK to upload a jpg horse and then change it to php. But .....

Okay, upload and catch birds. How can this problem be solved. Write directly.

Then 1.php is generated. Creating a file doesn't work. You can only modify the index. Then, a php file is generated under the directory.

Cutting knife

The connection is successful, but the permission is very small. view the Bird Catcher In The wwwroot directory. According to the relationship between the folder and the domain name, I guess the website folder of the template team, but I had to go to shell to see it.

Shell is very powerful, the permission seems to be much larger than the previous one, but there is no written sentence, this is Mao? After analysis, it turns out that every website program is under the public_html folder under the corresponding folder. Everyone knows that the folder in linux is blue, but it is not displayed. I was shocked by the evil kitchen knife.


 

I wanted to check the kernel and raise the permission, but the corresponding exp does not seem to be found. In fact, it is not so troublesome.

I entered public_html and wrote the shell again, but it still failed. I got it. I don't have to worry about it. I compressed the template folder directly.

Download .....

43 M. So big, of course there are a lot of previous templates to achieve.

:

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
ace of sales crm ocarina of time sales sales of ipad wp config site url wp site url site url wordpress wp config how to clone wp site
Related Article
How does personal cloud security guarantee data security?

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More