【SWPUCTF 2022 新生赛】ez_upload Ting included in Web · 2024做题2024-10-31 About 100 words One minute Contents 思路 总结 [SWPUCTF 2022 新生赛]Ez_upload 思路 随便传一个png图片,结果不可以 传jpg可以,说明是要MIME检测Content-type=image/jpeg 改内容,随便找个一句话木马放进去可以上传,但是后缀名改不了 上传.htaccess,用蚁剑连接 总结 文件上传漏洞
Ting included in Web · 2024做题 Ting included in Web · 2024做题 Ting included in Web · 2024做题