Create a new database file, named a. mdb Create a new text file, 命名为b.txt and write the word Trojan At the command line enter the command copy a. mdb/b+b. txt/b c. mdb Get the c. mdb is already inserted into the word Trojan in the database Then in the posting the place to upload attachments, the database suffix is changed to RAR Preview the post, click on the attachment for download, you can get upload address Into the background, restore the database, enter uploaded files relative path in the target file must be written. asp format Prompt recovery is successful, the success of the Get webshell
8.0: the 2 0 0 3 System: ① Modify the forum basic settings in the Upload Directory setting is set to xxx. asp/ upload through the database to merge the ASP Trojan..change extension to upload.... You can get the Shell ② The database backup directory to/xx. the asp/1. mdb
Because DVBBS 8.0..can only backup to mdb format....
End if backpath=server. mappath(backpath) If Lcase(Mid(backpath,instrRev(backpath,".")+ 1))<>"mdb" Then response. write "save the database name is not legal" Response. End End If
Here we can put the path to the xxx. asp such as xxxx. the asp/1. mdb