2025-02-24 Update From: SLTechnology News&Howtos > Network Security
Shulou (Shulou.com) 05/31 Report
This article introduces the method for repairing a PrestaShop website vulnerability. The content is fairly detailed; interested readers can refer to it, and we hope it is helpful.
More and more vulnerabilities are being found in PrestaShop, an open source system used by many foreign trade websites. From the initial version 1.0 to the current version 1.7 it has gone through many upgrades, and more and more people use it. Many domestic foreign trade companies also run it: PrestaShop is highly extensible, has many templates, switches freely between currencies, and supports credit card and PayPal payment, which makes it the first choice for foreign trade websites. In recent days PrestaShop was found to have a remote code injection vulnerability, a fairly serious one: it allows a webshell to be uploaded to the root of the website.
On November 7, 2018, PrestaShop officially released its latest version and fixed the website's vulnerabilities, including the previously exposed file upload vulnerability as well as a vulnerability allowing malicious deletion of the picture folder; exploiting them requires backend administrative privileges on the site.
The PrestaShop vulnerability found this time is a remote code injection vulnerability. The affected code is ajax_calls.php in the filemanager folder under the backend admin-dev directory. The remote injection is caused by the backend's handling of uploaded files. The getimagesize() function in that code is used to obtain the image address; the function goes through PHP deserialization, which gives it a remote-call capability, and it is inside this function that the remote code injection and execution occurs: if malicious code is constructed and submitted in place of the picture, the code is executed. To demonstrate, first set up a Linux server with an Apache + MySQL environment, copy the PrestaShop code to the server, install it, and enable debugging.
Now let us see how the vulnerability can be triggered by calling dialog.php in the filemanager folder under the backend admin-rename directory. This page controls file and picture uploads, and the action parameter controls the upload parameters. Code execution can be constructed by submitting a POST request to admin-rename/filemanager/execute.php?action=rename_folder and sending data to that file; through PHP deserialization the code is parsed automatically, achieving remote code injection and execution.
PrestaShop website vulnerability repair method
Upgrade PrestaShop to the latest version; in php.ini, turn off phar parsing (the article gives the setting as phar.readonly=off, i.e. set it to disabled); strengthen the security filtering of the website's upload function and filter out illegal parameters; and comment out the vulnerable code of the website at the function level.
That is what we have to share about the PrestaShop website vulnerability repair method. We hope the content above is of some help and lets everyone learn more. If you think the article is good, share it so that more people can see it.
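As an added illustration of the upload-filtering step above (not PrestaShop's own code), the following PHP validates an uploaded image path before it is handed to getimagesize(); safe_image_info and UPLOAD_DIR are assumed names. Note that phar.readonly only controls whether phar archives can be written; the metadata of an existing archive is still unserialized when a phar:// path is opened, so rejecting stream wrappers on the path is what actually closes this route.

```php
<?php
// Added example (not PrestaShop's own code): hardened handling for an
// uploaded-image path before it reaches getimagesize().
// safe_image_info() and UPLOAD_DIR are assumed names for illustration.
declare(strict_types=1);

const UPLOAD_DIR = '/var/www/uploads'; // assumed upload root

/**
 * Return getimagesize() info for $path, or null if the path must not be trusted.
 * Rejects stream wrappers (phar://, data://, ...), paths outside UPLOAD_DIR,
 * and files whose real content is not an image.
 */
function safe_image_info(string $path): ?array
{
    // 1. Refuse any stream wrapper: only plain filesystem paths are allowed.
    //    getimagesize() honours wrappers, and opening a phar:// path
    //    unserializes the archive metadata, which is the bug discussed above.
    if (preg_match('#^[a-z][a-z0-9+.-]*://#i', $path)) {
        return null;
    }
    // 2. Resolve the path and pin it inside the upload directory.
    $real = realpath($path);
    $base = realpath(UPLOAD_DIR);
    if ($real === false || $base === false
        || strncmp($real, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    // 3. Allow-list both the extension and the MIME type detected from content.
    $allowedExt  = ['jpg', 'jpeg', 'png', 'gif'];
    $allowedMime = ['image/jpeg', 'image/png', 'image/gif'];
    $ext = strtolower(pathinfo($real, PATHINFO_EXTENSION));
    if (!in_array($ext, $allowedExt, true)) {
        return null;
    }
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($real);
    if (!in_array($mime, $allowedMime, true)) {
        return null;
    }
    // 4. Only now inspect the image; $real is a plain local file.
    $info = @getimagesize($real);
    return $info === false ? null : $info;
}
```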