[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f-tInqxP35yS44h4N9r26OPSoQtuRVbhG1Z09rc5wMw4":3},{"id":4,"source":5,"question":6,"options":7,"answer":12,"related":13,"type":24,"origin":117,"createTime":26},175109842,"v1","Burp的Intruder模块中,哪种模式只使用一个payload,每次替换所有位置",[8,9,10,11],"Sniper","Battering ram","Pitchfork","Cluster bomb",[],[14,27,37,47,57,67,77,87,97,107],{"id":15,"source":5,"question":16,"options":17,"answer":22,"related":23,"type":24,"origin":25,"createTime":26},175109772,"IIS6.0文件解析漏洞可以使用以下哪个payload",[18,19,20,21],"test..asp","test.asp.jpg","test.asp;.jpg","test;asp;jpg",[],[],0,null,"2024-12-30T09:20:20+08:00",{"id":28,"source":5,"question":29,"options":30,"answer":35,"related":36,"type":24,"origin":25,"createTime":26},175109773,"如果需要进行远程文件包含, 则PHP需要开启什么参数",[31,32,33,34],"allw_url_fopen","allw_url_include","allw_path_fopen","allw_path_include",[],[],{"id":38,"source":5,"question":39,"options":40,"answer":45,"related":46,"type":24,"origin":25,"createTime":26},175109774,"如何防御包含漏洞,以下说法错误的是",[41,42,43,44],"避免由外界制定文件名","文件名中要包含目录名","限制包含的文件范围","对于远程文件包含,设置php.ini配置文件中allow_url_include = off",[],[],{"id":48,"source":5,"question":49,"options":50,"answer":55,"related":56,"type":24,"origin":25,"createTime":26},175109775,"关于 PHP 文件包含函数描述错误的是( )",[51,52,53,54],"include()函数找不到被包含文件时会产生警告,并停止脚本","require()函数找不到被包含文件时会产生致命错误,并停止脚本","include_once()函数如果文件代码已经被包含则不会再次包含","require_once()函数如果文件代码已经被包含则不会再次包含",[],[],{"id":58,"source":5,"question":59,"options":60,"answer":65,"related":66,"type":24,"origin":25,"createTime":26},175109776,"关于 PHP 文件包含利用方法,错误的是( )",[61,62,63,64],"远程文件包含需服务器开启 allow_url_fopen 配置","利用 php:\u002F\u002Finput 伪协议需开启 allow_url_include 配置","利用文件包含漏洞需被包含文件为.php 格式","文件包含漏洞常可以配合文件上传漏洞共同利用",[],[],{"id":68,"source":5,"question":69,"options":70,"answer":75,"related":76,"type":24,"origin":25,"createTime":26},175109777,"文件包含漏洞的一般特征不包含",[71,72,73,74],"?page=a.php","?home=a.html","?file=content","?id=1'",[],[],{"id":78,"source":5,"question":79,"options":80,"answer":85,"related":86,"type":24,"origin":25,"createTime":26},175109778,"关于文件包含漏洞,以下说法中不正确的是",[81,82,83,84],"文件包含漏洞在PHP Web Application中居多,而在JSP、ASP、ASP.NET程序中却非常少,这是因为有些语言设计的弊端","渗透网站时,若当找不到上传点,并且也没有url_allow_include功能时,可以考虑包含服务器的日志文件","文件包含漏洞只在PHP中经常出现,在其他语言不存在","文件包含漏洞,分为本地包含,和远程包含",[],[],{"id":88,"source":5,"question":89,"options":90,"answer":95,"related":96,"type":24,"origin":25,"createTime":26},175109779,"已知上级目录下的db目录包含敏感文件db.rar, 以下哪个请求可以下载到该文件( )",[91,92,93,94],"?download=db.rar","?download=..\u002Fdb\u002Fdb.rar","?download=db\u002Fdb.rar","?download=.\u002Fdb\u002Fdb.rar",[],[],{"id":98,"source":5,"question":99,"options":100,"answer":105,"related":106,"type":24,"origin":25,"createTime":26},175109780,"PHP中常见文件包含的函数有include() , include_once() , require_once(),require ()等,以下说法错误的是",[101,102,103,104],"require():只要程序一运行就包含文件,找不到被包含的文件时会产生致命错误,并停止脚本","include():执行到include时才包含文件,找不到被包含文件时只会产生警告,脚本将继续执行","require_once():若文件中代码已被包含则不会再次包含","include_once():若文件中代码已被包含还会再次包含",[],[],{"id":108,"source":5,"question":109,"options":110,"answer":115,"related":116,"type":24,"origin":25,"createTime":26},175109781,"下列哪条是产生文件包含漏洞的原因",[111,112,113,114],"文件来源过滤不严并用户可用","管理员管理不善","用户输入恶意代码","服务器漏洞",[],[],{"courseName":118,"courseImg":119,"workName":120,"workId":121,"count":122,"courseId":123},"Web应用安全与管理","https:\u002F\u002Fp.ananas.chaoxing.com\u002Fstar3\u002Forigin\u002F67a6922d7ad54a4b910c0eb49f0e4487.jpg","24年秋季学期期末复习题1(理论题部分)","work_39813381",181,"2bb54463126dcc203f1c6f847e2e1c60"]