upload-labs Range: Level 5


Introduction

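upload-labs is a range written in PHP that collects the various upload vulnerabilities encountered during penetration testing. It aims to give everyone a thorough understanding of upload vulnerabilities. There are currently 19 levels, and each one involves a different upload method.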

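For level 5 of upload-labs I tried uploading with .htaccess, but it did not succeed, even though this method usually has a fairly high success rate! I had no choice but to look at the source code!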

$is_upload = false;
$msg = null;
if (isset($_POST['submit'])) {
    if (file_exists(UPLOAD_PATH)) {
        $deny_ext = array(".php",".php5",".php4",".php3",".php2",".html",".htm",".phtml",".pht",".pHp",".pHp5",".pHp4",".pHp3",".pHp2",".aScx",".aShx",".aSmx",".cEr",".sWf",".swf",".htaccess");
        $file_name = trim($_FILES['upload_file']['name']);
        $file_name = deldot($file_name); // remove trailing dots from the file name (deldot() is an upload-labs helper)
        $file_ext = strrchr($file_name, '.'); // extension, from the last dot onward
        $file_ext = str_ireplace('::$DATA', '', $file_ext); // remove the ::$DATA string
        $file_ext = trim($file_ext); // strip leading and trailing whitespace
        // (the excerpt quoted in this post ends here)
    }
}

So it was restricted. I noticed that letter case is not restricted, so change php.php to php.phP and try uploading again!
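The gap in the excerpt, seen from the defending side, as an added example that is not part of the original post or of upload-labs: the extension is compared against the deny-list without case normalisation, so only the exact spellings listed are rejected. The shortened deny-list, the allow-list, the function names and the sample file names are assumptions made for illustration, and `rtrim()` stands in for the `deldot()` helper.

```php
<?php
// Added example: the level's case-sensitive deny-list beside a normalised allow-list.
// DENY_EXT is shortened from the list in the post; file names below are constructed.
const DENY_EXT  = ['.php', '.php5', '.phtml', '.pHp', '.pHp5', '.htaccess'];
const ALLOW_EXT = ['jpg', 'jpeg', 'png', 'gif'];   // assumption: an image-only upload form

// Same steps as the excerpt; rtrim() stands in for upload-labs' deldot() helper.
function extension_as_in_level(string $name): string {
    $name = rtrim(trim($name), '.');
    $ext  = (string) strrchr($name, '.');          // '' when the name has no dot
    $ext  = str_ireplace('::$DATA', '', $ext);
    return trim($ext);
}

// Weak check: in_array() compares case-sensitively, so only listed spellings are caught.
function passes_denylist(string $name): bool {
    return !in_array(extension_as_in_level($name), DENY_EXT, true);
}

// Hardened check: lower-case the extension first, then accept only known-good types.
function passes_allowlist(string $name): bool {
    $ext = strtolower(ltrim(extension_as_in_level($name), '.'));
    return in_array($ext, ALLOW_EXT, true);
}

// Store under a server-generated name so the client-supplied name never reaches disk.
function stored_name(string $name): string {
    $ext = strtolower(ltrim(extension_as_in_level($name), '.'));
    return bin2hex(random_bytes(8)) . '.' . $ext;
}

foreach (['photo.JPG', 'php.php', 'php.phP', 'notes.PhTmL'] as $name) {
    printf("%-12s deny-list: %-6s  allow-list: %s\n", $name,
        passes_denylist($name) ? 'accept' : 'reject',
        passes_allowlist($name) ? 'accept -> ' . stored_name($name) : 'reject');
}
```

The deny-list column accepts every spelling it does not list verbatim, while the allow-list column accepts only `photo.JPG` and stores it under a random name with a lower-cased extension.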


Enter your password here and you can get "sneaky". Go and try it, and don't tell me you don't know what the password is!


This is an original article by congtou; all rights belong to 华盟网 (77169.net). If you reproduce it, please credit the source: https://www.77169.net/html/226431.html
