### Brief description:
CSRF + XSS leading to getshell, using 整站系统 as the example.
### Details:
The admin backend has no CSRF protection. First, look at the global filtering. The global filter is loaded along the path admin/index.php -> admin/global.php -> inc/common.inc.php; this last file is the key point.
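The missing control is a per-session anti-CSRF token checked before any state-changing admin request. The following is an added example and is not code from 整站系统; file and handler names are hypothetical, and it assumes a standard PHP session is available.

```php
<?php
// Added example (not 整站系统 code): synchronizer-token CSRF protection for an admin handler.
// Assumes PHP >= 7.3 (for the 'samesite' session cookie option) and a working session store.

// Mark the session cookie HttpOnly and SameSite=Lax so a cross-site POST does not carry it.
session_set_cookie_params(['httponly' => true, 'samesite' => 'Lax']);
session_start();

// Issue one random token per session and reuse it for every form in that session.
function csrf_token(): string
{
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

// Compare the submitted token with the session token in constant time; reject on any mismatch.
function csrf_check(?string $submitted): bool
{
    $expected = $_SESSION['csrf_token'] ?? '';
    return $expected !== '' && is_string($submitted) && hash_equals($expected, $submitted);
}

// Hypothetical admin action: a guard like this belongs in the shared include
// (the page's inc/common.inc.php) so every admin write goes through it.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    if (!csrf_check($_POST['csrf_token'] ?? null)) {
        http_response_code(403);
        exit('CSRF token missing or invalid');
    }
    // ... perform the privileged admin operation here ...
    exit('ok');
}

// Render the form with the token embedded as a hidden field; escape it on output.
$token = htmlspecialchars(csrf_token(), ENT_QUOTES, 'UTF-8');
echo <<<HTML
<form method="post" action="">
  <input type="hidden" name="csrf_token" value="{$token}">
  <input type="text" name="title">
  <button type="submit">Save</button>
</form>
HTML;
```

The token only helps against a cross-origin forger; a stored XSS in the same origin, as in the chain this report describes, can read the hidden field and submit it, so the output escaping in the admin templates (htmlspecialchars on every user-controlled value) must be fixed alongside the token check.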
![11.png](https://images.seebug.org/upload/201503/1710170356b598721575f7266518d6035df50bb2.png)
```
cookie=VGxWUVoIVz5QVwAGBlVQXFYABQRVUQJTAlVdWwMCA1RRBA8FBgdaBA==638eb521ba
mymd5('VGxWUVoIVz5QVwAGBlVQXFYABQRVUQJTAlVdWwMCA1RRBA8FBgdaBA==638eb521ba','127.0.0.1')
```
gives:
![10.png](https://images.seebug.org/upload/201503/17101728153d3ecab1535378a79c9e5bdc8c85d8.png)
The password is MD5-hashed and resolves to admin; the username is the second parameter of passport, also admin.