Security ❀ Command Injection 命令注入

Security ❀ Command Injection 命令注入

文章目录

​​1、low​​​​2、medium​​​​3、high​​​​4、impossible​​

1、low

源码解析：

{$cmd}";}?>

源码未限制输入内容，因此直接使用命令进行注入攻击；

2、medium

源码解析：

'', ';' => '', ); // Remove any of the charactars in the array (blacklist). $target = str_replace( array_keys( $substitutions ), $substitutions, $target ); // Determine OS and execute the ping command. if( stristr( php_uname( 's' ), 'Windows NT' ) ) { // Windows $cmd = shell_exec( 'ping ' . $target ); } else { // *nix $cmd = shell_exec( 'ping -c 4 ' . $target ); } // Feedback for the end user echo "

{$cmd}

";}?>

3、high

源码解析：

'', ';' => '', '| ' => '', '-' => '', '$' => '', '(' => '', ')' => '', '`' => '', '||' => '', ); // Remove any of the charactars in the array (blacklist). $target = str_replace( array_keys( $substitutions ), $substitutions, $target ); // Determine OS and execute the ping command. if( stristr( php_uname( 's' ), 'Windows NT' ) ) { // Windows $cmd = shell_exec( 'ping ' . $target ); } else { // *nix $cmd = shell_exec( 'ping -c 4 ' . $target ); } // Feedback for the end user echo "

{$cmd}

";}?>

4、impossible

源码解析：源码将输入定义为4个整数，完全防护输入为一个IP地址；

字节 $octet = explode( ".", $target ); // Check IF each octet is an integer 检查每个字节是否为整数 if( ( is_numeric( $octet[0] ) ) && ( is_numeric( $octet[1] ) ) && ( is_numeric( $octet[2] ) ) && ( is_numeric( $octet[3] ) ) && ( sizeof( $octet ) == 4 ) ) { // If all 4 octets are int's put the IP back together. $target = $octet[0] . '.' . $octet[1] . '.' . $octet[2] . '.' . $octet[3]; // Determine OS and execute the ping command. if( stristr( php_uname( 's' ), 'Windows NT' ) ) { // Windows $cmd = shell_exec( 'ping ' . $target ); } else { // *nix $cmd = shell_exec( 'ping -c 4 ' . $target ); } // Feedback for the end user echo "

{$cmd}

"; } else { // Ops. Let the user name theres a mistake echo '

ERROR: You have entered an invalid IP.

'; }}// Generate Anti-CSRF token 生成Anti-CSRF令牌generateSessionToken();?>

版权声明：本文内容由网络用户投稿，版权归原作者所有，本站不拥有其著作权，亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容，请联系我们jiasou666@gmail.com 处理，核实后本网站将在24小时内删除侵权内容。