Shulou(Shulou.com)06/01 Report--

This article mainly explains "how to solve the Nginx middleware loophole". The content of the article is simple and clear, and it is easy to learn and understand. Please follow the editor's train of thought to study and learn "how to solve the Nginx middleware loophole".

1. Brief introduction of file parsing vulnerabilities:

For any file name, add / xxx.php later, and it can be parsed as php.

Scope of impact: this vulnerability is caused by Nginx configuration, regardless of version. Common vulnerabilities are configured as follows:

Reproduce operation:

Repair recommendations:

1. Configure cgi.fix_pathinfo (in php.ini) to 0 and restart the php-cgi program.

two。 If you need features of cgi.fix_pathinfo, such as Wordpress, you can disable script permissions for uploading directories. Or station library separation.

3. The higher version of PHP provides the configuration parameter security.limit_extensions, which sets security.limit_extensions= .php

2. Introduction to directory traversal vulnerabilities: like Apache, it belongs to the problem caused by configuration. The general configuration is as follows: C:\ phpStudy\ nginx\ conf\ nginx.conf

Reproduce operation:

3. Null byte arbitrary code execution vulnerability: nginx 0.5.*nginx 0.6.*nginx 0.7

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.