Several PHP loopholes to pay attention to
Several important php.ini options
Register Globals
php>=4.2.0, the default value of register_globals option in php.ini is Off by default. When register_globals When set to On, the program can receive various environment variables from the server, including variables submitted by forms, and because PHP does not have to initialize the values of variables in advance, it leads to great security risks.
Example 1:
Copy code The code is as follows:
//check_admin() is used to check the current user permissions. If it is admin, set the $is_admin variable to true , and then determine whether this variable is true, and then perform some management operations
// ex1.php
if (check_admin())
{
$is_admin = true;
}
if ($is_admin)
{
do_something();
}
?>
This code does not initialize $is_admin in advance Flase, if register_globals is On, then we can directly submit http://www.sectop.com/ex1.php?is_admin=true to bypass the verification of check_admin()
Example 2:
Copy code The code is as follows:
//ex2.php
if (isset($_SESSION["username"]))
{
do_something();
}
else
{
echo "You are not logged in yet!";
}
?>
Copy code The code is as follows:
//ex1.php
$dir = $_GET[" dir"];
if (isset($dir))
{
echo "";
system("ls -al ".$dir);
echo "";
}
?>
mixed eval(string code_str) //eval injection usually occurs when the attacker can control the input string
/ /ex2.php
Copy code The code is as follows:
$var = "var";
if (isset( $_GET["arg"]))
{
$arg = $_GET["arg"];
eval("$var = $arg;");
echo "$var = ".$var;
}
?>
http://www.bkjia.com/PHPjc/325020.htmlwww.bkjia.comtruehttp: //www.bkjia.com/PHPjc/325020.htmlTechArticleSeveral PHP vulnerabilities to pay attention to and several important php.ini options Register Globals php=4.2.0,php The default value of register_globals option in .ini is Off by default. When register_globals is set to On, the process...
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
