上一页 1 ··· 17 18 19 20 21 22 23 24 25 ··· 51 下一页
2020年5月6日
DVWA-6.2 Insecure CAPTCHA(不安全的验证码)-Medium
摘要: Medium Level 查看代码 <?php if( isset( $_POST[ 'Change' ] ) && ( $_POST[ 'step' ] == '1' ) ) { // Hide the CAPTCHA form $hide_form = true; // Get input $p 阅读全文
posted @ 2020-05-06 16:47 zhengna 阅读(327) 评论(0) 推荐(0)
DVWA-6.1 Insecure CAPTCHA(不安全的验证码)-Low
摘要: Insecure CAPTCHA Insecure CAPTCHA,意思是不安全的验证码,CAPTCHA是Completely Automated Public Turing Test to Tell Computers and Humans Apart (全自动区分计算机和人类的图灵测试)的简称。 阅读全文
posted @ 2020-05-06 16:46 zhengna 阅读(634) 评论(0) 推荐(0)
DVWA-5.4 File Upload(文件上传)-Impossible
摘要: Impossible Level 查看源码 <?php if( isset( $_POST[ 'Upload' ] ) ) { // Check Anti-CSRF token 校验token checkToken( $_REQUEST[ 'user_token' ], $_SESSION[ 'se 阅读全文
posted @ 2020-05-06 16:45 zhengna 阅读(1312) 评论(0) 推荐(0)
DVWA-5.3 File Upload(文件上传)-High-绕过文件类型限制
摘要: High Level 查看源码 <?php if( isset( $_POST[ 'Upload' ] ) ) { // Where are we going to be writing to? $target_path = DVWA_WEB_PAGE_TO_ROOT . "hackable/upl 阅读全文
posted @ 2020-05-06 16:44 zhengna 阅读(2830) 评论(1) 推荐(1)
DVWA-5.2 File Upload(文件上传)-Medium-绕过文件类型限制
摘要: Medium Level 查看代码 <?php if( isset( $_POST[ 'Upload' ] ) ) { // Where are we going to be writing to? $target_path = DVWA_WEB_PAGE_TO_ROOT . "hackable/u 阅读全文
posted @ 2020-05-06 16:43 zhengna 阅读(969) 评论(0) 推荐(0)
DVWA-5.1 File Upload(文件上传)-Low
摘要: Low Level 查看源码 <?php if( isset( $_POST[ 'Upload' ] ) ) { // Where are we going to be writing to? $target_path = DVWA_WEB_PAGE_TO_ROOT . "hackable/uplo 阅读全文
posted @ 2020-05-06 16:42 zhengna 阅读(573) 评论(0) 推荐(0)
DVWA-4.4 File Inclusion(文件包含)-Impossible-白名单
摘要: Impossible Level 查看源码 <?php // The page we wish to display $file = $_GET[ 'page' ]; // Only allow include.php or file{1..3}.php if( $file != "include. 阅读全文
posted @ 2020-05-06 16:41 zhengna 阅读(407) 评论(0) 推荐(0)
DVWA-4.3 File Inclusion(文件包含)-High-利用file协议绕过防护策略
摘要: High Level 查看源码 <?php // The page we wish to display $file = $_GET[ 'page' ]; // Input validation if( !fnmatch( "file*", $file ) && $file != "include. 阅读全文
posted @ 2020-05-06 16:40 zhengna 阅读(875) 评论(0) 推荐(0)
DVWA-4.2 File Inclusion(文件包含)-Medium-双写绕过str_replace替换规则
摘要: Medium Level 服务器端核心代码 <?php // The page we wish to display $file = $_GET[ 'page' ]; // Input validation $file = str_replace( array( "http://", "https: 阅读全文
posted @ 2020-05-06 16:39 zhengna 阅读(1154) 评论(0) 推荐(0)
DVWA-4.1 File Inclusion(文件包含)-Low
摘要: File Inclusion File Inclusion,意思是文件包含(漏洞),是指当服务器开启allow_url_include选项时,就可以通过php的某些特性函数(include(),require()和include_once(),require_once())利用url去动态包含文件, 阅读全文
posted @ 2020-05-06 16:36 zhengna 阅读(648) 评论(0) 推荐(0)
上一页 1 ··· 17 18 19 20 21 22 23 24 25 ··· 51 下一页