Taoyuan disk through the kill batch getshell-a vulnerability warning-the black bar safety net

ID MYHACK58:62201234235
Type myhack58
Reporter 佚名
Modified 2012-07-04T00:00:00


Source Forum: guest Forum the http://team.f4ck.net on

Starting blog: maniac blog the http://Madman.in on

Author: ghostly lamb

Google keywords: inurl:guest_ly. aspx

First: first see whether there can be a test of the “guest” account

! [](http://madman.in/wp-content/uploads/2012/07/1.png)

If there is, click the file management→upload→upload ashx horse

! [](http://madman.in/wp-content/uploads/2012/07/2.png)

After uploading the horse's path.


guest account

myfile is the default Upload File Save directory

This madman. ashx, after the implementation, will be in the same directory generated under a root. asp in a word, after the execution is complete, resolute chopper connection......

! [](http://madman.in/wp-content/uploads/2012/07/3.png)

[1] [2] next