file inclusion vulnerability

Require:
PHP Version <5.3.4
magic_quotes_gpc=off
1.
require $index_file
$index_file = '../mc-files/posts/index/'.$post_old_state.'.php'
$post_old_state = $data['state']
![image](https://user-images.githubusercontent.com/53329032/63573644-6a532900-c5b8-11e9-83b9-ac0c55616f8c.png)
2.
write a page or article with content
![image](https://user-images.githubusercontent.com/53329032/63573762-cc139300-c5b8-11e9-96b9-76a588a75c9e.png)
3.
can see url is 
![image](https://user-images.githubusercontent.com/53329032/63573812-ebaabb80-c5b8-11e9-8430-d53e87276923.png)
so filename is 2kbz44.bat
4.use burppsuite,we can find phpinfo in response

![微信图片_20190823152524](https://user-images.githubusercontent.com/53329032/63574446-60322a00-c5ba-11e9-8074-ba828d3bae64.png)





Provide feedback

Saved searches

Use saved searches to filter your results more quickly

file inclusion vulnerability #36

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development