Home > Cloud Computing > Cloud Security

Penetration beauty black wide site documentary

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

Preface:

A female in the circle. I should have heard of it before. Start with passion:

Process:

Let's take a look at the target site. Empire CMS. No 0 day. Use the old Brother Yu Jian !!!

Discovery is out of the stars. The process of taking the bypass station here is very simple, so I will not introduce it much.

Off-star, supports aspx and only one writable file C: \ DocumentsandSettings \ AllUsers \ Application

Data \ HagelTechnologies \ DUMeter \ log.csv

There are no other writable directories and files. replace them with cmd. Most out of the stars can use the for command.

However, it is difficult to write files.

Same first: for/d % iin (d: \ xx \ *) do @ echo % I to list all directories.

However, what hurts is that the empire site cannot beat the website path. So I am very good at using the for column for a station.

Directory, and finally found the root directory of the target site.

But afterwards, I came up with a way to quickly find the root directory of the target station. I didn't pay attention to this.

Status. Share with you.

For/rd: \ % iin(2002910021.jpg) do @ echo % I use this command to search for

The Directory of the image 2002910021.jpg.

I did a test and found a picture with no duplicate names on the target site. Search for d: \ freehost \

Directory. At last, the target station has a directory that uses the text search function to find the target path.

It shows that all folders have this image, but it does not affect it. Because it lists all the root directories. We

You only need to search for a directory on the target site.

Then, the type is used to read the database connection information of config. inc. php.

Use the database connection function of php Trojan to find and crack the management account in the database.

A small problem occurs here: the password is cracked, but the login fails. Then I flipped it over, and there was another

Subdirectory is also the source code of the Empire.

Take the password and kill it in seconds.

This figure is not marked. We should all know that it was the station of the woman. Shell in the background

 

Summary:

If you have more than one friends, you are doing a good job.

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
bitcoin documentary cryptocurrency documentary pmd beauty sleeping beauty images cast for american beauty life documentary watch online documentary about cryptocurrency
Related Article
How does personal cloud security guarantee data security?
Model-driven cloud security-automating cloud security with cl...
Cloud security to achieve effective prevention of the future ...
Focus on three major cloud security areas, you know?
Decrypting Cisco type 5 password hashes
Using redis to write webshell

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More