
What are the one-line arbitrary code execution backdoors in PHP?

2025-03-11 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)05/31 Report--

Many inexperienced people do not know what the one-line arbitrary code execution backdoors in PHP are, so this article summarizes the causes of the problem and the solutions. I hope that after reading it you can solve this problem.

eval and assert: the long-established functions

For a one-line PHP arbitrary code execution backdoor, the traditional choice is eval, which works on both PHP 5 and PHP 7.

However, because eval cannot be split, some people in the early days preferred assert, which can be made more concealed by encoding and splitting its name.

Although some people say that assert is disabled in PHP 7.0 and above, it is not actually disabled; splitting is simply prohibited, just as with eval.

Most one-line backdoors have something to do with these two (which are not actually functions).

create_function and preg_replace

create_function creates an anonymous function, which internally is equivalent to executing an eval. It is available on PHP 5 and PHP 7.

preg_replace is also known for its /e modifier. This one really is not available on PHP 7, only on PHP 5.

In addition to preg_replace, there is a function similar to it.

Both of these are limited to PHP 5. What if you want to use this method on PHP 7 as well? There is a way: PHP has not completely wiped out the /e modifier.

They even have aliases.

Methods of bypassing D Shield

The techniques above have been around for a long time, so it is very difficult to use them to bypass D Shield, and we are not here to teach you to bypass D Shield. If you do want to bypass it, D Shield is in fact not very strong at detecting classes. Write an obfuscated class yourself, splitting assert on PHP 5 and create_function on PHP 7, and it is easy to get around. For instance:

// This example splits create_function. In testing it does not work on PHP 5.3.29 and 5.2.17, but it works on PHP 5.4.45 through PHP 7. Therefore, splitting assert on PHP 5 and create_function on PHP 7 is the most stable approach.

The older callback backdoors

URL address: http://127.0.0.1/1.php connection password: pass

call_user_func is PHP's standard way of executing callback functions, and it is an old backdoor:
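From the defender's side, the constructs this article names (eval, assert, create_function, the /e modifier, call_user_func, and split names invoked through a variable) can be triaged with a small static scan. The following is an added example, not code from the original article: `scan`, `fold_concat` and the sample files are constructed for illustration, and the regular expressions are heuristics rather than a PHP parser.

```python
import re

# Execution sinks and callback entry points named in this article.
SINKS = ("eval", "assert", "create_function", "call_user_func")
REQUEST = r"\$_(?:GET|POST|REQUEST|COOKIE)\b"   # request-controlled input
Q = r"""['"]"""                                  # either PHP quote character

def fold_concat(src):
    """Rejoin 'ass' . 'ert' style literals so split names become visible."""
    return re.sub(Q + r"\s*\.\s*" + Q, "", src)

def scan(src):
    """Return sorted finding labels for one PHP source string (heuristic)."""
    found = set()
    flat = fold_concat(src)
    for name in SINKS:
        # Sink called directly with request data somewhere in its arguments.
        if re.search(rf"\b{name}\s*\([^;]*{REQUEST}", src, re.I):
            found.add(f"{name}-on-request-input")
        # Name appears as a string literal only after folding: it was split.
        lit = rf"{Q}{name}{Q}"
        if re.search(lit, flat, re.I) and not re.search(lit, src, re.I):
            found.add(f"split-name:{name}")
    # preg_replace whose pattern literal carries the e modifier (PHP 5 only).
    m = re.search(r"""preg_replace\s*\(\s*(['"])(\W).*?\2([a-zA-Z]*)\1""", src)
    if m and "e" in m.group(3):
        found.add("preg_replace-e-modifier")
    # Call through a variable: the usual way a reassembled name is invoked.
    if re.search(r"\$\w+\s*\(", src):
        found.add("variable-function-call")
    return sorted(found)

# Constructed sample files, one per technique named above, plus a benign one.
SAMPLES = {
    "direct.php": "<?php eval($_POST['pass']); ?>",
    "split.php": "<?php $f = 'ass' . 'ert'; $f($_POST['pass']); ?>",
    "regex.php": "<?php echo preg_replace('/x/e', $r, $s); ?>",
    "callback.php": "<?php call_user_func($_GET['f'], $_GET['a']); ?>",
    "benign.php": "<?php echo preg_replace('/\\s+/', ' ', trim($title)); ?>",
}

if __name__ == "__main__":
    for path, src in SAMPLES.items():
        print(f"{path:14} {scan(src) or 'clean'}")
```

The variable-function-call label also fires on legitimate closures and callbacks, so treat it as a triage signal to review alongside the other findings rather than as a verdict.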
