昨天测试一个站点,能够上传php小马,也能够在特定的目录里拉大马,但是其他目录没有写权限,而且webshell无法运行,执行结果显示如下:
Warning: Unexpected character in input: '\' (ASCII=92) state=1 in /usr/xxx/htdocs/xxx/xx.php on line 2 Parse error: parse error, unexpected $ in /usr/xxx/htdocs/xxx/xx.php on line 8 我猜测这里是用了EscapeShellCmd这类命令进行了过滤?请教有什么办法提权或者执行webshell。 服务器信息: System : FreeBSD chinahosts.net 4.7-RELEASE FreeBSD 4.7-RELEASE #0: Wed Aug i386 Apache/1.3.33 (Unix) PHP/4.3.11 Zend Engine v1.3.0 HTTP/1.1 CGI/1.1 php config path: /usr/local/Zend/etc/php.ini
-- 要向邮件组发送邮件,请发到 ph4nt0m@googlegroups.com 要退订此邮件,请发邮件至 ph4nt0m-unsubscr...@googlegroups.com