Sky's自留地

关注互联网安全,关注安全&攻击技术。

finecms v2.1.0 Management background exec code

展示类 阅读: 3291 3 评

  1. Edit the URL configuration at the URL Manager
    001.png
  2. Click Add Site
    002.png
  3. Enter the attack code at the bound domain name
    ',phpinfo()

Binding domain name is written as ',phpinfo()
Note: here phpinfo is only an example, the actual code can do any operation; the ', followed by
adding a PHP statement can be written by file_put_contents (write File operation)

  1. Click to submit
  2. Visit example.com/index.php?s=admin&c=site to see information about phpinfo
    003.png

DockerFile 编写小记
发表评论
撰写评论