没有什么技术含量，只是一个非常简单的任意文件下载漏洞：从可见部分看，除了拒绝扩展名为 php 的文件之外，$file_download 未经其他校验就直接交给 readfile() 输出（该变量的赋值位于被截断的开头部分，此处不可见）；修复时应先用 realpath() 规范化路径，并确认它位于允许的下载目录之内，而不是依赖扩展名黑名单。源文件解码后如下所示（开头已被截断）：
|]", "_", $file_save );if ( $file_extension == "php" ){exit( "Cannot be used for "$file_" files!" );}$mimeType = get_file_mimetype( $file_name );if ( strpos( $_SERVER['HTTP_USER_AGENT'], "MSIE 5" ) || strpos( $_SERVER['HTTP_USER_AGENT'], "Opera 7" ) ){$mimeType = "application/x-download";}ob_end_clean( );header( "Pragma: public" );header( "Expires: 0" );header( "Cache-Control: must-revalidate, post-check=0, pre-check=0" );header( "Cache-Control: public" );header( "Content-Description: File Transfer" );header( "Content-Type: "$mimeType );header( "Content-Disposition: attachment; filename="$file_save );header( "Content-Transfer-Encoding: binary" );header( "Content-Length: "filesize( $file_download ) );@readfile( @$file_download );?>