Author: Shao
A friend lost a station in an acquaintance group a few days ago (it seems that I gave him an address to make him a little money) and said there was an upload that could be used, but it could not be parsed. I read it.
I thought this could be a direct deception, but I couldn't try any common methods.
Changed to upload. asp. I tried to truncate it. I was trying to try it. A nc friend sent a message saying that the nc couldn't solve it.
The whole site should be a better breakthrough. After reading the source file, we suddenly found a place that seems to be usable.
ASP/Visual Basic Code
Hey, I hope you can change all hidden to test, delete previusfile, and add the action.
Then save the local file. For this type of upload, you can directly upload asp files. However, I tried to find that it still does not work, so I had to modify the path.
The path is changed to 1.asp. Changing 1.asp;/still does not work. Ping it and check that TLL (although this can be changed, but few people change it) 117 may be killed. It's still a bit annoying if I change to a kill-free one. After smoking a cigarette, I wondered if I could modify the Upload File name without parsing it? Isn't it IIS? However, all of his servers are asp and php-free. Suddenly. Since any file name can be changed to 1.asp;.jpg and so on, it may be possible to lose a pony for parsing.
No idea in this article is nothing more than careful observation ..
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
