
A case study of web upload vulnerabilities: principle analysis and prevention methods

2025-04-04 Update From: SLTechnology News&Howtos (Development)

Shulou (Shulou.com) 06/03 Report

This article introduces a case of web upload vulnerabilities, analyzes the underlying principle and presents prevention methods. It has some reference value for interested readers, and I hope you will learn a lot from it. Let the editor walk you through it.

Providing a file upload function is something many websites do: shopping malls, forums and the common online storage (network disk) sites. On the Internet we also frequently hear that an upload vulnerability has been found in such-and-such site or open source project. Since the appearance of dynamic web applications, upload vulnerabilities have haunted all kinds of systems like ghosts. Why do upload vulnerabilities appear so often? Moreover, some systems have been patched again and again and still not fixed! The root of the problem lies in how uploads work, so let's take a look at the upload process.

Analysis of the website upload process

The code is as follows:

The above is a simple test example. Let's look at it.

Let's analyze it:

name comes from the file name the user selected when uploading.

type is the file type. Where does this type come from? This is the critical point. Many people assume it is generated automatically by the server. If you think so, that is understandable: PHP wraps the upload handling, and it seems plausible that its own library could determine the type. But think about it from the other side: whatever format of file you choose, it will carry a format type. Following that thought, we can infer that this value may also come from the user's input. Let's capture the request and look at our type.

The type value also comes from the value supplied by the user.

size is computed by the program from the uploaded file itself; it is calculated automatically, as we all know.

What is the point of all this?

Some friends will have started to ask: what does the above analysis of the file format have to do with upload vulnerabilities? Think about it: as mentioned above, a file has a name attribute and a type attribute. When we save files and process them on the back end, we often use both. As a developer, when using these two variables you must keep applying the principle that all input is potentially harmful. Treat them exactly like any other GET or POST variable: detect and filter every input variable.

What we usually implement is: require that the user's input be a file of a certain format, and then save it in that format. At the end of this analysis, there are still many areas that need further study; today we only lay out an outline. Next we will analyze these three common types of upload vulnerability:

1. Generating the file from the user-supplied file name, with lax filtering of special characters, leading to a file generation vulnerability.

2. When moving the file into a directory, the user-supplied file name is spliced into the path, so the file is written to the wrong directory.

3. Trusting the user-supplied type and saving the file directly under the user-supplied file name.
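The following PHP handler is an added example (not code from the original article or from any project it mentions). It shows the insecure pattern the article describes, where the user-supplied name is spliced into the path and the client-supplied type is trusted, next to a hardened handler that addresses all three vulnerability classes above: the stored file name is generated on the server, the extension is checked against an allow-list, the type is detected from the file contents instead of the request, and the final path is confirmed to stay inside the upload directory. The form field name `upload`, the directory `UPLOAD_DIR`, the size limit and the image-only allow-list are assumptions for the example.

```php
<?php
// Added example, not from the original article. Assumptions: the form field
// is named "upload", files are stored under UPLOAD_DIR, only images are
// accepted, and MAX_BYTES is the size limit. All of these are hypothetical.

const UPLOAD_DIR = __DIR__ . '/uploads';
const MAX_BYTES  = 2 * 1024 * 1024;

// Server-side allow-list: permitted extension => MIME type detected from
// the file's actual contents (never from $_FILES[...]['type']).
const ALLOWED = [
    'jpg' => 'image/jpeg',
    'png' => 'image/png',
    'gif' => 'image/gif',
];

/**
 * The insecure pattern discussed in the article (kept for contrast only):
 * the client-supplied type is trusted and the user-supplied name is
 * spliced straight into the destination path.
 */
function save_upload_insecure(array $file): string
{
    if (strpos($file['type'], 'image/') !== 0) {   // client-controlled value
        throw new RuntimeException('not an image');
    }
    $dest = UPLOAD_DIR . '/' . $file['name'];       // user-controlled path
    move_uploaded_file($file['tmp_name'], $dest);
    return $dest;
}

/**
 * Hardened handler: every decision rests on facts the server establishes.
 */
function save_upload_secure(array $file): string
{
    // 1. The upload must have succeeded and be a real PHP-managed upload.
    if ($file['error'] !== UPLOAD_ERR_OK || !is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('upload failed');
    }
    if ($file['size'] > MAX_BYTES) {
        throw new RuntimeException('file too large');
    }

    // 2. Take only the extension from the user's name, and only if it is
    //    on the allow-list; the rest of the name is discarded entirely.
    $ext = strtolower(pathinfo(basename($file['name']), PATHINFO_EXTENSION));
    if (!isset(ALLOWED[$ext])) {
        throw new RuntimeException('extension not allowed');
    }

    // 3. Ignore $file['type']; detect the MIME type from the file contents.
    $finfo    = new finfo(FILEINFO_MIME_TYPE);
    $detected = $finfo->file($file['tmp_name']);
    if ($detected !== ALLOWED[$ext]) {
        throw new RuntimeException("content type $detected does not match .$ext");
    }

    // 4. Generate the stored name on the server, so nothing from the
    //    user's file name reaches the filesystem path.
    $stored = bin2hex(random_bytes(16)) . '.' . $ext;
    $dest   = UPLOAD_DIR . '/' . $stored;

    // 5. Defence in depth: the destination directory must resolve to
    //    UPLOAD_DIR itself (a misconfigured constant would fail here).
    $base = realpath(UPLOAD_DIR);
    if ($base === false || realpath(dirname($dest)) !== $base) {
        throw new RuntimeException('destination outside upload directory');
    }

    if (!move_uploaded_file($file['tmp_name'], $dest)) {
        throw new RuntimeException('could not store file');
    }
    chmod($dest, 0644);   // stored files are never executable
    return $dest;
}

// Request entry point: report only the server-generated name to the client.
if (isset($_FILES['upload'])) {
    try {
        echo 'stored as ' . basename(save_upload_secure($_FILES['upload']));
    } catch (RuntimeException $e) {
        http_response_code(400);
        echo 'rejected: ' . $e->getMessage();
    }
}
```

Two design points matter here. First, the only piece of user input that survives is the extension, and only after it has been matched against the allow-list and confirmed by content sniffing, which is what closes vulnerability classes 1 and 3. Second, because the stored name is random and the path is assembled from a server constant, there is no user-controlled string to splice into the directory, which closes class 2; the `realpath` check is there to catch configuration mistakes rather than user input. The upload directory should additionally be served with script execution disabled, since content checks alone cannot prove a file is harmless.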

Thank you for reading this article carefully. I hope this case study of web upload vulnerabilities, their principles and prevention methods will be helpful to everyone. At the same time, I hope you will support us and follow the industry information channel. More related knowledge is waiting for you!


© 2024 shulou.com SLNews company. All rights reserved.
