Recently seen is tipask system shows a vulnerability, it is said that only the root to get a shell, but looking at the background function is so rich, side dish, or try in addition to take the shell method, saying that although not pass to kill, but also can barely use with
tipask background not have sql perform the function? In the database inserted into a word, and then through the database backup feature to backup to a similar XX. ASP;_. SQL file, because the backup of database files each at the beginning of the added# <? exit();?& gt;, so only at the same time support asp IIS6 on to use. While in the database backup to verify the file name, so the needs of the local submission of breakthrough verification OK
Nothing technical content, bear with me.