Skip to content

Commit

Permalink
Merge pull request #109 from harnnless/patch-1
Browse files Browse the repository at this point in the history 
检测 PHP 文件上传是否成功的例子代码存在问题
  • Loading branch information
@nixawk
nixawk authored Sep 19, 2016
2 parents 3e326c4 + 5dd18fc commit ee7c7da
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion docs/CODING.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -318,7 +318,7 @@ JSON 格式的 PoC 类似于完形填空,只需要填写相应的字段的值即
检测 PHP 文件上传是否成功,

token = randomStr()
payload = '<?php echo md5(%s);unlink(__FILE__);?>' % token
payload = '<?php echo md5("%s");unlink(__FILE__);?>' % token
...

if hashlib.new('md5', token).hexdigest() in content:
Expand Down

0 comments on commit ee7c7da

Please sign in to comment.