null;
if (isset($_POST['submit'])) {
if (file_exists($UPLOAD_ADDR)) {
$deny_ext = array('.asp...;
}
}
从源码中我们可以看到,当前禁止了asp aspx php jsp等常见的后缀名。此时我们用BURP截包改包即可。
只需要将后缀名php改为phtml即可。...".jSpa",".jSw",".jSv",".jSpf",".jHtml",".asp",".aspx",".asa",".asax",".ascx",".ashx",".asmx",".cer","....aSp",".aSpx",".aSa",".aSax",".aScx",".aShx",".aSmx",".cEr",".sWf",".swf");
$file_name = trim...同理,还是很简单,我们仍需burp改包就可以了。