安基网 首页 安全 安全学院 查看内容

安全模式下exec等函数安全隐患

2009-5-28 04:27| 投稿: security


免责声明:本站系公益性非盈利IT技术普及网,本文由投稿者转载自互联网的公开文章,文末均已注明出处,其内容和图片版权归原网站或作者所有,文中所述不代表本站观点,若有无意侵权或转载不当之处请从网站右下角联系我们处理,谢谢合作!

摘要: #SuperHei:关于 PHP <= 5.2.9 SafeMod Bypass Vulnerability [by www.abysssec.com]http://www.milw0rm.c...
#SuperHei:关于 PHP <= 5.2.9 SafeMod Bypass Vulnerability [by www.abysssec.com]http://www.milw0rm.com/exploits/8799 这个问题的分析,很详细  Abysssec Inc Public Advisory Title  : PHP <= 5.2.9 SafeMod Bypass VulnerabilityAffected Version : Tested on 5.2.8, 5.2.6 but previous versions maybe be afftectVendor  Site   : www.php.net Vulnerability Discoverd by   : www.abysssec.com Description : Here is another safemod bypass vulnerability exist in php <= 5.2.9 on windows .the problem comes from OS behavior - implement  and interfacing between phpand operation systems directory structure . the problem is php won't tell differencebetween directory browsing in linux and windows this can lead attacker to abilityexecute his / her commands on targert machie even in SafeMod On  (php.ini setting) . Vulnerability : in linux when you want open a directory for example php directory you needto go to /usr/bin/php and you can't use \usr\bin\php . but windows won't telldiffence between slash and back slash it means there is no didffrence  betweenc:\php and c:/php , and this is not vulnerability but itself but  because of this  simplephp implement "\" character can escape safemode using  function like excec . PoC / Exploit : orginal : www.abysssec.com/safemod-windows.zipmirror  : www.milw0rm.com/sploits/2009-safemod-windows.zip note : this vulnerabities is just for educational purpose and showing vulnerability existso author will be not be responsible for any damage using this vulnerabilty. for more information visit Abysssec.comfeel free to contact me at admin [at] abysssec.com # milw0rm.com [2009-05-26]

小编推荐:欲学习电脑技术、系统维护、网络管理、编程开发和安全攻防等高端IT技术,请 点击这里 注册账号,公开课频道价值万元IT培训教程免费学,让您少走弯路、事半功倍,好工作升职加薪!



免责声明:本站系公益性非盈利IT技术普及网,本文由投稿者转载自互联网的公开文章,文末均已注明出处,其内容和图片版权归原网站或作者所有,文中所述不代表本站观点,若有无意侵权或转载不当之处请从网站右下角联系我们处理,谢谢合作!


鲜花

握手

雷人

路过

鸡蛋

相关阅读

最新评论

 最新
返回顶部