ThinkSNS arbitrary file inclusion. Under certain conditions, public/minify.php can be used to get a shell.
    $allowed_content_types = array('js', 'css');
    $getfiles = explode(',', strip_tags($_GET['F'])); // parse the file list parameter
    $gettype = (isset($_GET['T']) && $_GET['T'] == 'css') ? 'css' : 'js';
    if ($gettype == 'css') {
        $content_type = 'text/css';
    } elseif ($gettype == 'js') {
        $content_type = 'application/x-javascript';
    } else {
        die('not allowed content type');
    }
    header("content-type: " . $content_type . "; charset=UTF-8"); // note that you need to modify the encoding
    header("cache-control: must-revalidate");
    // header("expires: " . gmdate("D, d M Y H:i:s", time() + 60*60*24*7) . " GMT"); // expiration time
    ob_start("compress");
    function compress($buffer) {
        // remove comments in the file
        $buffer = preg_replace('!/\*[^*]*\*+([^/][^*]*\*+)*/!', '', $buffer);
        return $buffer;
    }
    foreach ($getfiles as $file) {
        // only the text after the last dot is checked
        $fileType = strtolower(substr($file, strrpos($file, '.') + 1));
        if (in_array($fileType, $allowed_content_types)) {
            // contains all your css documents
            // vulnerable: include() executes any PHP inside the requested file
            include($file);
        } else {
            echo 'not allowed file type: ' . $file;
        }
    }
You can use $_GET['F'] to pass in a file with a js or css suffix. If the content of the file is a PHP script, it is included and executed. When allow_url_fopen = On, it is very simple to use remote files directly. When it is Off, you can find a way to upload a js or css file to the server and then include it to be executed!
Write a 1.js file in the root directory of the website:
    <?php phpinfo();
Access http://xxxxxx/public/minify.php?F=../1.js
Solution: Strictly filter parameters
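One way to filter the parameters strictly, as an added example that is not ThinkSNS code: every requested name is resolved and confined to one directory, and the file is streamed with readfile() so its content is never executed. ASSET_ROOT, the static directory and the resolve_asset() helper are assumptions made for illustration; the F and T parameters are the ones shown above.

```php
<?php
// Added example (PHP 7.1+): hardened replacement for the include() loop.
// ASSET_ROOT is an assumed directory that holds only static js/css files.
define('ASSET_ROOT', realpath(__DIR__ . '/static'));

// Map a requested name to a real file under ASSET_ROOT, or null if rejected.
function resolve_asset(string $name, string $ext): ?string
{
    if (ASSET_ROOT === false || $name === '' || strpos($name, "\0") !== false) {
        return null;
    }
    // Reject anything with a scheme or wrapper prefix (http://, php://, data:).
    if (preg_match('#^[a-z][a-z0-9+.-]*:#i', $name)) {
        return null;
    }
    // Compare the extension strictly against the single allowed type.
    if (strtolower(pathinfo($name, PATHINFO_EXTENSION)) !== $ext) {
        return null;
    }
    // realpath() resolves ../ and symlinks and returns false for missing files.
    $real = realpath(ASSET_ROOT . DIRECTORY_SEPARATOR . $name);
    $root = ASSET_ROOT . DIRECTORY_SEPARATOR;
    if ($real === false || strncmp($real, $root, strlen($root)) !== 0 || !is_file($real)) {
        return null;
    }
    return $real;
}

$type  = (isset($_GET['T']) && $_GET['T'] === 'css') ? 'css' : 'js';
$raw   = (isset($_GET['F']) && is_string($_GET['F'])) ? $_GET['F'] : '';
$paths = [];
foreach (explode(',', $raw) as $name) {
    $path = resolve_asset(trim($name), $type);
    if ($path === null) {
        // Validate every name before sending any output, then fail closed.
        http_response_code(400);
        exit('not allowed file');
    }
    $paths[] = $path;
}

header('Content-Type: ' . ($type === 'css' ? 'text/css' : 'application/javascript') . '; charset=UTF-8');
header('X-Content-Type-Options: nosniff');
foreach ($paths as $path) {
    // readfile() only streams bytes; unlike include(), it never executes PHP.
    readfile($path);
}
```

With this check the ../1.js request above resolves outside ASSET_ROOT and is rejected, and a js or css file that does sit inside the directory is returned as text even if it contains PHP.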