Nginx resolve the vulnerability principle and the use of methods-vulnerability warning-the black bar safety net

2012-08-30T00:00:00
ID MYHACK58:62201234769
Type myhack58
Reporter 佚名
Modified 2012-08-30T00:00:00

Description

Nginx parses the vulnerability is already relatively old vulnerability, but on the Internet there are a lot of use there resolve the vulnerability the nginx version.

Long time no write articles, go to sleep go to law customers turn a circle see a nginx vulnerability penetration of the article, only to find himself seems to also did not write.

So~~~

nginx parses the vulnerability is due to the nginx part of the version of the program itself, the vulnerability to cause the analysis of non-you can execute a script program such as PHP.

The following two hypotheses in the presence of a vulnerability on a site there is a picture url address is:

| 1 | www.myhack58.com/logo.jpg //assuming the existence of this picture ---|---

2 | ---|---

3 | 1 ---|---

4 | ---|---

5 | and when our normal access, nginx will treat this as non-scripting language to directly read the transmitted drawing the client is a browser, but ---|---

6 | ---|---

7 | There is a parsing vulnerability in the nginx will put the following connection analysis and implementation~ of: ---|---

8 | ---|---

9 | 1 ---|---

1 0 | ---|---

1 1 | www.creturn.com/logo.jpg/a.php //old analytical methods such as written words, nginx will put the logo. jpg as a script analysis after the implementation of the output ---|---

1 2 | ---|---

1 3 | www.creturn.com/logo.jpg%00.php //this is 7 in mid-May broke the parsing vulnerability ---|---

[1] [2] [3] next