YxCMS v1.21任意文件写入漏洞
YxCMS v1.21任意文件写入漏洞
靶机:172.168.83.154
kali:172.168.30.45
常规扫描
扫出来后台管理界面地址
后台弱口令
http://172.168.83.154/index.php?r=admin/set/tpadd&Mname=default
http://172.168.83.154/protected/apps/default/view/default/shell.php
ms17-010 一键打穿