upload-labs靶场第五关
简介
upload-labs是一个使用php语言编写的,专门收集渗透测试过程中遇到的各种上传漏洞的靶场。旨在帮助大家对上传漏洞有一个全面的了解。目前一共19关,每一关都包含着不同上传方式。
upload-labs第五关我用.htaccess 尝试上传但是没有成功,一般这个方法成功率还是挺高的!只好看下源代码了!
$is_upload = false;
$msg = null;
if (isset($_POST['submit'])) {
if (file_exists(UPLOAD_PATH)) {
$deny_ext = array(".php",".php5",".php4",".php3",".php2",".html",".htm",".phtml",".pht",".pHp",".pHp5",".pHp4",".pHp3",".pHp2",".aScx",".aShx",".aSmx",".cEr",".sWf",".swf",".htaccess");
$file_name = trim($_FILES['upload_file']['name']);
$file_name = deldot($file_name);//删除文件名末尾的点
$file_ext = strrchr($file_name, '.');
$file_ext = str_ireplace('$DATA',$file_ext);//去除字符串$DATA
$file_ext = trim($file_ext); //首尾去空
原来是被限制了,发现没有限制大小写,把php.php换成php.phP在上传试试!
在这里输入你的密码就可以“猥琐”了,快去试试吧,别告诉我密码不知道是什么!