Security ❀ File Upload

Reader submission  513  2022-11-24


Contents

Preparation  1. low  2. medium  3. high  4. impossible

Preparation

1. low

Source analysis

// (the opening lines of the DVWA low-level listing, up to the assignment below, are missing from the page;
//  the constant name is restored from the surviving "root" fragment)
	$target_path  = DVWA_WEB_PAGE_TO_ROOT . "hackable/uploads/";
	$target_path .= basename( $_FILES[ 'uploaded' ][ 'name' ] );

	// Can we move the file to the upload folder?
	if( !move_uploaded_file( $_FILES[ 'uploaded' ][ 'tmp_name' ], $target_path ) ) {
		// No
		echo '<pre>Your image was not uploaded.</pre>';
	}
	else {
		// Yes!
		echo "<pre>{$target_path} succesfully uploaded!</pre>";
	}
}

?>

The source applies no filtering at all, so a one-line webshell can be uploaded directly.

2. medium

Source analysis:

// (the opening of the medium-level listing, up to the first echo below, is missing from the page)
			// No
			echo '<pre>Your image was not uploaded.</pre>';
		}
		else {
			// Yes!
			echo "<pre>{$target_path} succesfully uploaded!</pre>";
		}
	}
	else {
		// Invalid file
		echo '<pre>Your image was not uploaded. We can only accept JPEG or PNG images.</pre>';
	}
}

?>

3. high

Source analysis:

// (the lines that set $uploaded_ext, $uploaded_size and $uploaded_tmp are missing from the page)
	// Is it an image?
	if( ( strtolower( $uploaded_ext ) == "jpg" || strtolower( $uploaded_ext ) == "jpeg" || strtolower( $uploaded_ext ) == "png" ) &&
		( $uploaded_size < 100000 ) &&
		getimagesize( $uploaded_tmp ) ) {

		// Can we move the file to the upload folder?
		if( !move_uploaded_file( $uploaded_tmp, $target_path ) ) {
			// No
			echo '<pre>Your image was not uploaded.</pre>';
		}
		else {
			// Yes!
			echo "<pre>{$target_path} succesfully uploaded!</pre>";
		}
	}
	else {
		// Invalid file
		echo '<pre>Your image was not uploaded. We can only accept JPEG or PNG images.</pre>';
	}
}

?>

Merge the one-line webshell into an image:

C:\Users\Administrator\Desktop>copy 头像.jpg/b + 1.png /a 3.jpg
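The `copy /b` concatenation above produces a file whose leading bytes are a real image (so getimagesize() succeeds) followed by script text. From the defender's side the same structure is easy to spot: a PNG ends with its IEND chunk and a JPEG with the FF D9 marker, so anything after that terminator, or a PHP open tag anywhere in the file, is a red flag. The scanner below is an added example written for this page; it is not DVWA code, the directory and file names are constructed, and the demo input is a minimal PNG stub rather than a valid picture.

```php
<?php
// Added example (not DVWA's code): flag uploaded "images" that carry data after the
// image terminator or contain a PHP open tag, the signature of a copy /b polyglot.

const PNG_SIG  = "\x89PNG\r\n\x1a\n";
const PNG_IEND = "IEND\xAE\x42\x60\x82";
const JPG_SOI  = "\xFF\xD8";
const JPG_EOI  = "\xFF\xD9";

/** Return a list of findings; an empty array means the file looks like a plain image. */
function scan_image(string $path): array {
    $data = file_get_contents($path);
    if ($data === false) {
        return ['unreadable'];
    }
    $findings = [];
    if (strncmp($data, PNG_SIG, strlen(PNG_SIG)) === 0) {
        // PNG: the IEND chunk (type + CRC) must be the very last 8 bytes.
        $end = strrpos($data, PNG_IEND);
        if ($end === false) {
            $findings[] = 'png: missing IEND chunk';
        } elseif ($end + strlen(PNG_IEND) !== strlen($data)) {
            $findings[] = sprintf('png: %d trailing byte(s) after IEND',
                                  strlen($data) - $end - strlen(PNG_IEND));
        }
    } elseif (strncmp($data, JPG_SOI, 2) === 0) {
        // JPEG: last FF D9 must close the file. The last occurrence is used because
        // EXIF thumbnails embed their own EOI earlier in the stream.
        $end = strrpos($data, JPG_EOI);
        if ($end === false) {
            $findings[] = 'jpeg: missing EOI marker';
        } elseif ($end + 2 !== strlen($data)) {
            $findings[] = sprintf('jpeg: %d trailing byte(s) after EOI', strlen($data) - $end - 2);
        }
    } else {
        $findings[] = 'not a PNG or JPEG by magic bytes';
    }
    // A PHP open tag has no legitimate place inside an image, wherever it sits.
    if (preg_match('/<\?(php|=)/i', $data)) {
        $findings[] = 'contains a PHP open tag';
    }
    return $findings;
}

/** Scan every .jpg/.jpeg/.png in $dir; keys are filenames, values the findings. */
function scan_dir(string $dir): array {
    $report = [];
    foreach (glob($dir . '/*.{jpg,jpeg,png}', GLOB_BRACE) as $file) {
        $f = scan_image($file);
        if ($f !== []) {
            $report[basename($file)] = $f;
        }
    }
    return $report;
}

// Constructed demo input (hypothetical directory): a PNG stub, and the same stub
// with a harmless PHP tag appended, which is what copy /b produces.
$dir = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'upload_scan_demo';
@mkdir($dir);
file_put_contents($dir . '/clean.png', PNG_SIG . PNG_IEND);
file_put_contents($dir . '/polyglot.png', PNG_SIG . PNG_IEND . "<?php echo 'appended'; ?>");
print_r(scan_dir($dir));
```

Run it over the real upload directory (hackable/uploads/ in DVWA) instead of the demo path to audit existing files. Trailing bytes alone are not proof of an attack (some tools append comments), but together with a PHP tag they are; and note the scan only matters when the web server would ever execute or include such a file, which is why the stronger fix is to re-encode on upload and store under a server-chosen name.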

4. impossible

Source analysis: the upload is given an MD5-derived name, an anti-CSRF token is validated, and imagecreatefromjpeg re-generates the image so that only image content is kept;

// (the opening of the impossible-level listing, up to the success echo below, is missing from the page)
			echo "<pre>${target_file} succesfully uploaded!</pre>";
		}
		else {
			// No
			echo '<pre>Your image was not uploaded.</pre>';
		}

		// Delete any temp files
		if( file_exists( $temp_file ) )
			unlink( $temp_file );
	}
	else {
		// Invalid file
		echo '<pre>Your image was not uploaded. We can only accept JPEG or PNG images.</pre>';
	}
}

// Generate Anti-CSRF token
generateSessionToken();

?>
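Read together, the four levels show why each single check fails: low checks nothing; medium trusts $_FILES['uploaded']['type'], which the client sends; high checks the extension and getimagesize(), which a polyglot image satisfies; impossible finally re-encodes the pixels and picks the filename itself. The handler below is an added example, not DVWA's code, that layers those checks in the order a defender wants them. It assumes a form field named "uploaded", a hypothetical UPLOAD_DIR outside the web root that is served by a separate read-only script, and an anti-CSRF token stored in $_SESSION['upload_token'] when the form was rendered; none of these names come from DVWA.

```php
<?php
// Added example (not DVWA's code): an upload handler combining the checks the
// DVWA levels introduce one at a time. Names below are assumptions for this page.
session_start();

const UPLOAD_DIR    = '/var/app/private_uploads';   // assumption: not web-accessible
const MAX_UPLOAD_SZ = 100000;                        // same limit DVWA uses
const ALLOWED       = ['jpg' => 'image/jpeg', 'jpeg' => 'image/jpeg', 'png' => 'image/png'];

/**
 * Validate, re-encode and store one upload. Returns the server-chosen filename
 * on success, or a "rejected: ..." reason on failure.
 */
function handle_upload(array $file): string {
    // 1. PHP's own verdict first: partial uploads, ini limits, no file at all.
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        return 'rejected: transport error';
    }
    // 2. The temp path must really come from this request, not a local file.
    if (!is_uploaded_file($file['tmp_name'])) {
        return 'rejected: not an uploaded file';
    }
    // 3. Size limit before reading any content (the medium level's size test).
    if ($file['size'] > MAX_UPLOAD_SZ) {
        return 'rejected: too large';
    }
    // 4. Extension allowlist on the basename only (the high level's test);
    //    basename() discards any directory components the client supplied.
    $ext = strtolower(pathinfo(basename($file['name']), PATHINFO_EXTENSION));
    if (!isset(ALLOWED[$ext])) {
        return 'rejected: extension not allowed';
    }
    // 5. Never trust $_FILES[...]['type']: the client sends it. Sniff the bytes.
    $sniffed = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
    if ($sniffed !== ALLOWED[$ext]) {
        return 'rejected: content does not match extension';
    }
    // 6. Decode the pixels and write a fresh file (the impossible level's idea).
    //    A copy /b polyglot passes getimagesize(), but re-encoding keeps only the
    //    decoded pixels, so anything appended after the image data is dropped.
    $img = ($sniffed === 'image/jpeg')
        ? @imagecreatefromjpeg($file['tmp_name'])
        : @imagecreatefrompng($file['tmp_name']);
    if ($img === false) {
        return 'rejected: not a decodable image';
    }
    // 7. Server-chosen random name; the client never influences the stored path.
    $name = bin2hex(random_bytes(16)) . ($sniffed === 'image/jpeg' ? '.jpg' : '.png');
    $dest = UPLOAD_DIR . DIRECTORY_SEPARATOR . $name;
    $ok   = ($sniffed === 'image/jpeg') ? imagejpeg($img, $dest, 90) : imagepng($img, $dest, 9);
    imagedestroy($img);
    return $ok ? $name : 'rejected: could not store file';
}

if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_FILES['uploaded'])) {
    // Anti-CSRF: constant-time compare against the token issued with the form.
    $expected = $_SESSION['upload_token'] ?? '';
    $given    = (string) ($_POST['user_token'] ?? '');
    if ($expected === '' || !hash_equals($expected, $given)) {
        http_response_code(403);
        exit('<pre>Invalid token.</pre>');
    }
    $result = handle_upload($_FILES['uploaded']);
    // Echo only a server-generated name or a fixed reason, never the client's filename.
    echo '<pre>' . htmlspecialchars($result, ENT_QUOTES, 'UTF-8') . '</pre>';
}
```

Two design points are worth noting. Storing under a server-chosen name in a directory the web server does not execute from removes the payoff of the polyglot trick even if a check is later weakened, and serving the files through a read-only script lets you set Content-Type and X-Content-Type-Options: nosniff yourself. The GD re-encode also strips metadata, which is where the high level's getimagesize()-only check left script text untouched.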
