Category: 技术文档
2005-11-13 15:09:33 by: h4x0r

天空小偷+asp300小偷获得shell方法

Font Size: Large | Medium | Small
存在多处注入漏洞,Nclass.asp?classid=1,sql注入管理员用户和密码(密码明文),在系统设置可以直接写入webshell,文件在系统根目录下的config.asp文件。
Comments Feed Comments Feed: http://www.4evil.org/feed.asp?q=comment&id=138

There is no comment on this article.

Post Comment
Smilies
[smile] [confused] [cool] [cry]
[eek] [angry] [wink] [sweat]
[lol] [stun] [razz] [redface]
[rolleyes] [sad] [yes] [no]
[heart] [star] [music] [idea]
Enable UBB Codes
Auto Convert URL
Show Smilies
Hidden Comment
Username:   Password:   Register Now?
Security Code * Please Enter the Security Code