SupeSite 7.5 background upload webshell-vulnerability warning-the black bar safety net

ID MYHACK58:62201340449
Type myhack58
Reporter 佚名
Modified 2013-09-07T00:00:00


Get the webshell method without any technical content. the. There are many online similar. But, this see online also not, their just at once get a webshell in the process of discovery, so it sends to, Of course, related many examples. For example, the following two.

Example 1: the Wordpress dashboard to get WEBSHELL method

Example 2:

Method: go to background-model management-pour the model

Pour the model in the model ID and model name just to fill in and then in the upload where you can upload directly examples 1 wordpress get webshell methods to upload using a zip file is...

Then submit to save

Will appear the import fails, the model file does not exist

Without the tube, continue to return to model management-model backup there just upload the zip now named import_ random file name

The address is:随机文件名/import_随机文件名.zip

webshell: a 随机 文件 名 / 本地 webshell 名 .php

A very no technical content of the method, but better than the previous online have ever had a method to be convenient, and not affected by the space system to limit it. Without any technical content, please do not step on the~