• PHP code audit: File Inclusion (DVWA lab)


    low

    <!DOCTYPE html>
    <html>
    <head>
    	<title></title>
    </head>
    <body>
    <div class="vulnerable_code_area">
    		<em><a href="?page=file1.php">file1.php</a></em>
    		<em><a href="?page=file2.php">file2.php</a></em>
    		<em><a href="?page=file3.php">file3.php</a></em>
    </div>
    </body>
    </html>
    
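    <?php
    // Low: the request parameter is passed to include() with no validation,
    // so the client fully controls which file PHP loads and executes.
    $file = $_GET['page'];
    if(isset($file)){
    	include($file);
    }
    ?>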
    

    medium

    <!DOCTYPE html>
    <html>
    <head>
    	<title></title>
    </head>
    <body>
    <div class="vulnerable_code_area">
    		<em><a href="?page=file1.php">file1.php</a></em>
    		<em><a href="?page=file2.php">file2.php</a></em>
    		<em><a href="?page=file3.php">file3.php</a></em>
    </div>
    </body>
    </html>
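    <?php
    $file = $_GET['page'];
    // Medium: deny-list filtering. str_replace() makes a single pass and is
    // case-sensitive, and it does nothing about absolute paths, so this is
    // not a reliable defence.
    $file = str_replace(array("https://","http://"), "", $file);
    $file = str_replace(array("../","./"), "", $file);
    echo $file; // debug output of the filtered value (not HTML-escaped)
    if(isset($file)){
    	include($file);
    }
    ?>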
    

    high

    <!DOCTYPE html>
    <html>
    <head>
    	<title></title>
    </head>
    <body>
    <div class="vulnerable_code_area">
    		<em><a href="?page=file1.php">file1.php</a></em>
    		<em><a href="?page=file2.php">file2.php</a></em>
    		<em><a href="?page=file3.php">file3.php</a></em>
    </div>
    </body>
    </html>
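    <?php
    $file = $_GET['page'];
    // High: fnmatch("file*") only checks that the value starts with "file";
    // anything after that prefix is accepted, so this is a pattern check,
    // not an allow-list of the three pages.
    if(!(fnmatch("file*", $file)) && $file !="include.php"){
    	echo "ERROR file not found!";
    }else{
    	include($file);
    }
    ?>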
    

    PHP notes

    The fnmatch() function matches a filename or string against a specified pattern.
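
An allow-list alternative to the three levels above, as an added example (not from the original post or DVWA's source). `resolve_page()`, `ALLOWED_PAGES` and the temporary demo directory are assumptions made for illustration; the loop compares the high level's `fnmatch("file*")` check with an exact-match lookup on constructed inputs.

```php
<?php
declare(strict_types=1);

// Assumed page names, taken from the links and the include.php check above.
const ALLOWED_PAGES = ['include.php', 'file1.php', 'file2.php', 'file3.php'];

// Hypothetical helper: map the untrusted ?page= value to a path, or null.
function resolve_page($requested, string $baseDir): ?string
{
    // ?page[]=x arrives as an array; only plain strings are considered.
    if (!is_string($requested)) {
        return null;
    }
    // Exact, strict comparison: no patterns, no prefixes, no rewriting.
    if (!in_array($requested, ALLOWED_PAGES, true)) {
        return null;
    }
    // Defence in depth: the file must exist directly inside $baseDir.
    $base = realpath($baseDir);
    $path = realpath($baseDir . DIRECTORY_SEPARATOR . $requested);
    if ($base === false || $path === false || dirname($path) !== $base) {
        return null;
    }
    return $path;
}

// Constructed demo: a throwaway directory holding empty page files.
$dir = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'fi_demo_' . bin2hex(random_bytes(4));
mkdir($dir);
foreach (ALLOWED_PAGES as $name) {
    file_put_contents($dir . DIRECTORY_SEPARATOR . $name, '');
}

// Constructed inputs: one valid page and several values that must be refused.
$inputs = ['file2.php', 'fileX', 'file2.php.bak', '/etc/hostname', ['file1.php']];
foreach ($inputs as $value) {
    $pattern = is_string($value) && fnmatch('file*', $value);
    $path = resolve_page($value, $dir);
    printf(
        "%-18s fnmatch(file*)=%-4s allow-list=%s\n",
        json_encode($value, JSON_UNESCAPED_SLASHES),
        $pattern ? 'pass' : 'fail',
        $path !== null ? 'accept' : 'reject'
    );
}

array_map('unlink', glob($dir . DIRECTORY_SEPARATOR . '*'));
rmdir($dir);
```

In a real page handler, `include` would be called only on a non-null return value of `resolve_page()`, with a 404 response otherwise.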
    
  • Original article: https://www.cnblogs.com/renhaoblog/p/14325596.html