In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-04-06 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >
Share
Shulou(Shulou.com)05/31 Report--
How to understand the phpMyAdmin file contains loopholes recurrence, many novices are not very clear about this, in order to help you solve this problem, the following editor will explain in detail for you, people with this need can come to learn, I hope you can gain something.
Introduction to 0x00
PhpMyAdmin is a database management tool based on PHP and constructed on the host of the website in the way of Web-Base, which allows managers to use Web interface to manage MySQL database. Through this Web interface, it can become a better way to input complicated SQL syntax in a simple way, especially to deal with the import and export of a large amount of data. One of the bigger advantages is that phpMyAdmin runs on the web server like other PHP programs, but you can use the HTML pages generated by these programs anywhere, that is, to manage the MySQL database remotely, and to easily create, modify, and delete databases and tables. You can also use phpMyAdmin to establish a commonly used php syntax to facilitate the correctness of sql syntax needed when writing web pages.
Overview of 0x01 vulnerabilities
Attackers exploit vulnerabilities that include (view and potentially execute) files on the server. The vulnerability comes from part of the code in which the page is redirected and loaded in phpMyAdmin, as well as improper testing of whitelist pages. The attacker must be authenticated, except in these cases:
$cfg ['AllowArbitraryServer'] = true: an attacker can specify any host he or she has control and execute arbitrary code on the phpMyAdmin
$cfg ['ServerDefault'] = 0: this bypasses login and runs vulnerable code without any authentication.
0x02 scope of influence
PhpMyAdmin 4.8.0
PhpMyAdmin 4.8.1
0x03 environment building
Phpstudy2018+phpmyadmin4.8.1
1. Download phpstudy2018 and delete your own phpmyadmin
Download address: http://public.xp.cn/upgrades/PhpStudy2018.zip
two。 Download the phpmyadmin4.8.1 version
Download address: https://www.phpmyadmin.net/files/
3. Rename the downloaded phpmyadmin in phpstudy's www directory
4. View the version of phpmyadmin in the browser
Http://your-IP/phpmyadmin/README
Recurrence of 0x04 vulnerabilities
1. To open phpmyadmin in a browser, you need to log in with an account / / show a little chicken rib.
two。 Method 1. Log in and enter the following payload on the home page
Http://your-ip/phpMyAdmin/index.php?target=db_datadict.php%253f/../../../../../../../../Windows\win.ini
3. Create a table in the test database, and then create a field in the table as an one-sentence Trojan
4. Check whether a frm file is generated under the corresponding database of MySQL/data in the injured machine and open it using notepad.
5. Use file include, include files under this path
Http://your-ip/phpMyAdmin/index.php?target=db_datadict.php%253f/../../../../../../../../phpStudy\PHPTutorial\MySQL\data\test\demo.frm
6. Method 2. Save the serialized data to the session file through phpsession, including its cache file. Through a word Trojan, and then include the sess_sessionId file.
6.1. execute the following command at the latest sql statement
Select''
6.2. use F12 to view the session value of the website and the value of phpmyadmin in the current page cookie
6.3.Use the file to contain the URL path that contains the session value in this directory
0x05 repair recommendation
1. The latest version of phpmyadmin is recommended
two。 Use complex account passwords
Is it helpful for you to read the above content? If you want to know more about the relevant knowledge or read more related articles, please follow the industry information channel, thank you for your support.
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.