[英]PHP - file_put_contents file manipulation
I'm trying to write a PHP file on a server and to bypass the extension in the end. 我试图在服务器上编写PHP文件,并最终绕过扩展名。
This is the PHP file - 1.php: 这是PHP文件-1.php:
<?php
file_put_contents("folder\\".$GET['file'].".PNG",$_GET['content']);
?>
I'm trying to bypass the PNG extension and to write a PHP file. 我试图绕过PNG扩展名并编写一个PHP文件。 like this: 像这样:
1.php?file=attack.php%00&content=blabla
but it's not working 但它不起作用
I tried: 我试过了:
Null char (%00,%u0000)
Long filename
CRLF chars
space char
?,&,|,>,<,(,),{,},[,],\,!,~,:,; chars
backspace char
../
php protocol PHP协议
php://filter/write=convert.base64-decode/resource=1.php
(will not work because the folder in the begging) (因为该文件夹在乞讨中不起作用)
Anyone have any idea? 有人知道吗
Thanks! 谢谢!
There are several fundamental problems here; 这里有几个基本问题。
../../1.php
and overwrite this file to do whatever I want. 此代码非常不安全,我可以将get设置为../../1.php
并覆盖此文件以执行所需的操作。 It appears that you're doing some security testing however, so I guess that may be the problem 看来您正在执行一些安全性测试,所以我想可能是问题所在 php://anything
should not work. php不是协议,它是一种语言,因此php://anything
不能正常工作。 folder\\\\
doesn't make sense, what is this supposed to be/do? folder\\\\
没有意义,这应该是/做什么? That said though, for educational purposes prepending ../../
should allow you to escape out of the folder/
directory. ,虽然说,对于教育目的前面加上../../
应该让你逃脱出来的folder/
目录。
For example if this is in /home/Zak/mytest/
with the expectation of a directory within that called folder
designated to store these PNG files, then a file
of ../../zak_homedir
should put a file at /home/Zak/zak_homedir.PNG
due to relative path resolution. 例如,如果该文件位于/home/Zak/mytest/
,并且期望该调用folder
指定用于存储这些PNG文件,则../../zak_homedir
file
应将文件放在/home/Zak/zak_homedir.PNG
由于相对路径解析。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.