当前位置:网站首页>Middleware vulnerability recurrence Apache
Middleware vulnerability recurrence Apache
2022-07-06 13:57:00 【Lazy and talented】
Catalog
0x0a httpd-conf Improper configuration ( Multiple file name parsing vulnerability )
0x0b .htaccess Parsing vulnerabilities
0x0c .user.ini Parsing vulnerabilities
Environmental Science ctfshow web 153
principle :php File contains .user.ini
0x0d Apache HTTPD Newline parsing vulnerability (CVE-2017-15715)
Affects version :2.4.0~2.4.29 edition
0x0a httpd-conf Improper configuration ( Multiple file name parsing vulnerability )
AddHandler application/x-httpd-php .php
In the case of multiple suffixes , As long as it contains .php suffix , Can be identified as PHP file .
Local reproduction :
Edit the file h:ttpd-conf(apache/conf/http-conf):
add to :AddHandler application/x-httpd-php .php
Edit the file :phpinfo.php.jpg
write in :<?php phpinfo();?>
visit :127.0.0.1/phpinfo.php.jpg
0x0b .htaccess Parsing vulnerabilities
AddType application/x-httpd-php .jpg Under this path jpg File by http Will be interpreted as php file
Local reproduction :
Upload .htaccess file ( Local )
edit :AddType application/x-httpd-php .jpg
Upload phpinfo.jpg file ( Local )
edit :GIF89a<?php phpinfo();?>
visit : 127.0.0.1/phpinfo.jpg
0x0c .user.ini Parsing vulnerabilities
Environmental Science ctfshow web 153
principle :php File contains .user.ini
auto_append_file=filename // Each of the peer directories php Add... At the end of the file include(“filename”)
auto_prepend_file=filename // Add include(“filename”)
Upload 1.png
<?php phpinfo();?>
Be careful : Then access any one under the file php that will do Because there is index.php So you don't need to upload php To analyze
0x0d Apache HTTPD Newline parsing vulnerability (CVE-2017-15715)
Environmental Science :vulhub
Affects version :2.4.0~2.4.29 edition
Environment startup :
- stay CVE-2017-15715 Right click the folder to open the terminal
- sudo docker-compose up -d
- visit ip+8000
burp Grab the bag Modify parameter value
stay evil.php Back plus c——> Choose code modify ——>0a
visit url:192.168.0.10:8080/evil.php%oa
summary : Mind mapping
边栏推荐
- MATLAB打开.m文件乱码解决办法
- [the Nine Yang Manual] 2019 Fudan University Applied Statistics real problem + analysis
- (原创)制作一个采用 LCD1602 显示的电子钟,在 LCD 上显示当前的时间。显示格式为“时时:分分:秒秒”。设有 4 个功能键k1~k4,功能如下:(1)k1——进入时间修改。
- 强化学习基础记录
- Strengthen basic learning records
- Experiment 6 inheritance and polymorphism
- FAQs and answers to the imitation Niuke technology blog project (II)
- [modern Chinese history] Chapter 6 test
- Differences among fianl, finally, and finalize
- . Net6: develop modern 3D industrial software based on WPF (2)
猜你喜欢
(原创)制作一个采用 LCD1602 显示的电子钟,在 LCD 上显示当前的时间。显示格式为“时时:分分:秒秒”。设有 4 个功能键k1~k4,功能如下:(1)k1——进入时间修改。
canvas基础2 - arc - 画弧线
编写程序,模拟现实生活中的交通信号灯。
HackMyvm靶机系列(7)-Tron
Canvas foundation 2 - arc - draw arc
Thoroughly understand LRU algorithm - explain 146 questions in detail and eliminate LRU cache in redis
Poker game program - man machine confrontation
Strengthen basic learning records
Renforcer les dossiers de base de l'apprentissage
Record a penetration of the cat shed from outside to inside. Library operation extraction flag
随机推荐
[dark horse morning post] Shanghai Municipal Bureau of supervision responded that Zhong Xue had a high fever and did not melt; Michael admitted that two batches of pure milk were unqualified; Wechat i
Record a penetration of the cat shed from outside to inside. Library operation extraction flag
[data processing of numpy and pytoch]
稻 城 亚 丁
实验四 数组
[au cours de l'entrevue] - Comment expliquer le mécanisme de transmission fiable de TCP
透彻理解LRU算法——详解力扣146题及Redis中LRU缓存淘汰
强化学习系列(一):基本原理和概念
实验七 常用类的使用
(原创)制作一个采用 LCD1602 显示的电子钟,在 LCD 上显示当前的时间。显示格式为“时时:分分:秒秒”。设有 4 个功能键k1~k4,功能如下:(1)k1——进入时间修改。
Nuxtjs快速上手(Nuxt2)
Read only error handling
[the Nine Yang Manual] 2020 Fudan University Applied Statistics real problem + analysis
Experiment 7 use of common classes (correction post)
The difference between overloading and rewriting
Thoroughly understand LRU algorithm - explain 146 questions in detail and eliminate LRU cache in redis
The difference between abstract classes and interfaces
Meituan dynamic thread pool practice ideas, open source
Canvas foundation 1 - draw a straight line (easy to understand)
QT meta object qmetaobject indexofslot and other functions to obtain class methods attention