Pikachu-Unsafe Filedownload Mo块

Others 2020-02-15 21:28:41 views: null

document dowload

 

 Right to open the file in a new tab:

 

 Observe the code behind it issued he did not do any protection directly to get to the strings together we can construct a complete download url download file:

http://192.168.0.105/pikachu/vul/unsafedownload/execdownload.php?filename=../../../inc/config.inc.php

 

 This put the sensitive files can be downloaded locally:

 

Guess you like

Origin www.cnblogs.com/hzk001/p/12313559.html
Recommended
Ranking
error: (-215:Assertion failed) !_img.empty() in function ‘cv::imwrite‘
Database migration between Navicat servers
Minimum number of rotation of the array: Array
balenaEtcher for mac (make a boot disk software) v1.5.67
Custom processing serialization and deserialization in jackson
Mu-en-mask system development software
Mastering Regular Expressions
Find mileage Java--
Web pages can not directly concern the public micro-channel number how to do? A key to arouse public concern number of micro-channel solutions
[CodeForces - 739B] Alyona and a tree Tree + [difference] + bipartite
Daily
More
2024-05-12(28)
2024-05-11(32)
2024-05-10(34)
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)
2024-05-03(8)

Code World

© 2018 codetd.com