2025-02-25 Update From: SLTechnology News&Howtos
Shulou(Shulou.com)06/01 Report--
The company deployed an ECShop site as an online mall on an Alibaba Cloud (Aliyun) server. The next day the Aliyun console raised an alert reporting SQL injection and other program vulnerabilities in the ECShop web directory.
As shown below:
Since the vendor's technical staff could not be reached, I looked up some information online and repaired the files as follows:
1. Repair method for /admin/shopinfo.php
(at roughly lines 53, 71, 105 and 123; the repair is the same in all four places) change
```php
admin_priv('shopinfo_manage');
```
to
```php
admin_priv('shopinfo_manage');
$_REQUEST['id'] = intval($_REQUEST['id']); // cast the id to an integer before it reaches any query
```
2. Repair method for /admin/shophelp.php
(at roughly lines 81, 105, 133 and 155; the repair is the same in all four places) change
```php
admin_priv('shophelp_manage');
```
to
```php
admin_priv('shophelp_manage');
$_POST['id'] = intval($_POST['id']); // cast the id to an integer before it reaches any query
```
3. Repair method for /api/client/lib_api.php
```php
function API_UserLogin($post)
{
    /* add SQL injection filter */
    if (get_magic_quotes_gpc())
    {
        // magic quotes already escaped the value, leave it as-is
        $post['UserId'] = $post['UserId'];
    }
    else
    {
        // escape quotes and backslashes before the value is used in SQL
        $post['UserId'] = addslashes($post['UserId']);
    }
    /* */
    $post['username'] = isset($post['UserId']) ? trim($post['UserId']) : '';
    // ……
```
4. Repair method for /admin/edit_languages.php
```php
// before repair
$dst_items[$i] = $_POST['item_id'][$i] . ' = ' . '\'' . $_POST['item_content'][$i] . '\';';
// after repair: the content is written between single quotes, so any single quote
// inside it must be escaped, otherwise it would terminate the literal.
// (the exact escaping call is not legible on the page; str_replace of ' with \' is assumed here)
$dst_items[$i] = $_POST['item_id'][$i] . ' = ' . '\'' . str_replace('\'', '\\\'', $_POST['item_content'][$i]) . '\';';
```
After the repair, retest to confirm the vulnerability is gone.
5. Repair method for the SQL injection in /admin/affiliate_ck.php
In the get_affiliate_ck() function (line 226), the repair is to cast $_GET['auid'] to an integer:
```php
if (isset($_GET['auid']))
{
    // intval() guarantees only a number is concatenated into the WHERE clause
    $sqladd = ' AND a.user_id = ' . intval($_GET['auid']);
}
```
6. Repair method for the SQL injection in /admin/comment_manage.php (around line 336)
The back-end file /admin/comment_manage.php passes the sort parameters straight into the query:
```php
// before repair
$filter['sort_by']    = empty($_REQUEST['sort_by'])    ? 'add_time' : trim($_REQUEST['sort_by']);
$filter['sort_order'] = empty($_REQUEST['sort_order']) ? 'DESC'     : trim($_REQUEST['sort_order']);
```
Modify to
```php
// after repair: only whitelisted column names and two fixed directions can reach the ORDER BY
$sort = array('comment_id', 'comment_rank', 'add_time', 'id_value', 'status');
$filter['sort_by']    = in_array($_REQUEST['sort_by'], $sort) ? trim($_REQUEST['sort_by']) : 'add_time';
$filter['sort_order'] = empty($_REQUEST['sort_order']) ? 'DESC' : 'ASC';
```
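As an added example, not code from the original post or from ECShop, the whitelist idea behind the comment_manage.php fix is wrapped in a function (build_comment_order is a hypothetical name) so it can be run offline against constructed inputs. Column names cannot be quoted or bound as parameters, so neither intval() nor addslashes() helps here; only a fixed list of accepted values does.

```php
<?php
// Added example (not ECShop code): ORDER BY whitelist for the comment listing.

function build_comment_order(array $request): string
{
    // Columns the listing may sort by (mirrors the $sort array in the fix).
    $allowed_columns = array('comment_id', 'comment_rank', 'add_time', 'id_value', 'status');

    // Anything missing or not in the list silently falls back to the default column.
    // Strict comparison avoids PHP's loose string/number coercion surprises.
    $sort_by = isset($request['sort_by']) && in_array($request['sort_by'], $allowed_columns, true)
        ? $request['sort_by']
        : 'add_time';

    // Direction is reduced to exactly two literals; the raw value never reaches SQL.
    $sort_order = empty($request['sort_order']) ? 'DESC' : 'ASC';

    return "ORDER BY $sort_by $sort_order";
}

// Constructed sample inputs, shaped like $_REQUEST.
$cases = array(
    array('sort_by' => 'comment_rank', 'sort_order' => '1'),    // valid column, explicit order
    array('sort_by' => 'add_time'),                              // valid column, default order
    array('sort_by' => 'nonexistent_col', 'sort_order' => 'x'),  // unknown column -> default
    array('sort_by' => '1', 'sort_order' => ''),                 // numeric string -> default
    array(),                                                     // nothing supplied -> defaults
);
foreach ($cases as $req) {
    echo build_comment_order($req), PHP_EOL;
}
```

Every output line is one of ten possible strings (five columns times two directions), whatever the request contained.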
7. SQL injection in /includes/modules/payment/alipay.php (line 116)
Defense method in /includes/modules/payment/alipay.php:
```php
function respond()
{
    if (!empty($_POST))
    {
        // merge POSTed notification fields into $_GET so both transports are handled alike
        foreach ($_POST as $key => $data)
        {
            $_GET[$key] = $data;
        }
    }
    $payment      = get_payment($_GET['code']);
    $seller_email = rawurldecode($_GET['seller_email']);
    $order_sn     = str_replace($_GET['subject'], '', $_GET['out_trade_no']);
    /* effectively filter $order_sn */
    $order_sn = trim(addslashes($order_sn));
    /* */
    // ..
```
8. Repair method for the SQL injection in /includes/lib_insert.php
In ECShop's /includes/lib_insert.php the input parameters are not escaped or cast correctly, which leads to integer injection.
139c139140
+ $arr ['num'] = intval ($arr [' num'])
+ $arr ['id'] = intval ($arr [' id'])
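Review bot: the two added intval() casts are the right fix for values that are concatenated into SQL as bare integers, but the replaced line 139 is not shown, so it is not possible to confirm from this hunk that the casts run before the first use of $arr['num'] and $arr['id']; they must precede any query that interpolates those values.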
267c268
-
270c271272
+ $arr ['id'] = intval ($arr [' id'])
+ $arr ['type'] = addslashes ($arr [' type'])
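Review bot: addslashes() on $arr['type'] only protects a value that is interpolated inside a quoted SQL string literal; if 'type' is ever used unquoted (as a column name, a table-name fragment or a bare keyword) the escaping does nothing, so a whitelist of the accepted type values, like the $sort array used for comment_manage.php above, would be the safer fix.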
308c310
-
+ $arr ['id'] = intval ($arr [' id'])
After the modifications, refresh the status in the Aliyun console; it reports the issues as repaired and the job is done.