null;
if (isset($_POST['submit'])) {
if (file_exists($UPLOAD_ADDR)) {
$deny_ext = array('.asp...,.aspx,.php,.jsp后缀文件!'...;
}
}
从源码中我们可以看到,当前禁止了asp aspx php jsp等常见的后缀名。此时我们用BURP截包改包即可。
只需要将后缀名php改为phtml即可。...,".asp",".aspx",".asa",".asax",".ascx",".ashx",".asmx",".cer",".aSp",".aSpx",".aSa",".aSax",".aScx","...php4",".php3",".php2","php1",".html",".htm",".phtml",".pHp",".pHp5",".pHp4",".pHp3"
同理,还是很简单,我们仍需burp改包就可以了