Application has a file inclusion vulnerability (Unix systems) - Vulnerability warning - Heiba Security Net (myhack58)

2014-03-03T00:00:00
ID MYHACK58:62201442649
Type myhack58
Reporter Anonymous (佚名)
Modified 2014-03-03T00:00:00

Description

Discovery time:

Vulnerability type: File inclusion

Affected site-building software: Other

Affected server type: General

Affected programming language: Other

Description: The application running on the target Unix system may have a file inclusion vulnerability.

  1. A file inclusion vulnerability arises from directives that merge the contents of another script source file into the currently executing file.

  2. Many scripting languages provide such directives; PHP, for example, merges and executes the contents of another source file through the require (and include) keywords. If the path given to such a directive is built from user-submitted data, an attacker can craft that data so that the web server includes files it would otherwise never serve, such as operating-system files or important application configuration files, and then read their contents through the browser. This is usually called local file inclusion (LFI). If the application's configuration also permits including files from other servers (in PHP, the allow_url_include setting), the attacker can host a specially crafted script, have it included and executed, and thereby obtain the web application's sensitive data or take control of it (remote file inclusion, RFI).

Hazards:

An attacker can exploit the file inclusion vulnerability to read the contents of sensitive files or to execute a malicious script of their choosing directly, and thereby take over the web application itself.

Solution:

  1. Where possible, name the included file explicitly in the include directive instead of building the path from input.

  2. If user input must select the included file, parse the input and map it onto an explicit whitelist of allowed files, so that the application, not the request, supplies the actual file name.

  3. Otherwise, filter the user input strictly: canonicalize the path and verify that the resulting file lies inside the predetermined directory (rejecting "../" traversal and NUL bytes), and make sure a URL cannot be passed as the parameter.
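The three mitigations above, worked through as an added example in Python that is not part of the original advisory. It models a hypothetical application that keeps its includable scripts in one directory (TEMPLATE_DIR, created as a scratch directory here) and selects one via a "page" parameter. The vulnerable resolver is shown beside the whitelist resolver (mitigation 2) and the directory-containment resolver (mitigation 3); the file names and parameter values are constructed for the demonstration.

```python
"""Resolving a user-supplied "page" parameter to a file under one fixed directory.

Added example, not code from the advisory. It assumes a hypothetical
application that keeps its includable scripts in one directory (TEMPLATE_DIR)
and lets the user pick one through a "page" request parameter.
"""
import atexit
import os
import shutil
import tempfile

# Constructed sample layout: three includable scripts in a scratch directory.
# realpath() once here so later containment checks compare canonical paths.
TEMPLATE_DIR = os.path.realpath(tempfile.mkdtemp(prefix="inc_demo_"))
atexit.register(shutil.rmtree, TEMPLATE_DIR, ignore_errors=True)
for _name in ("home", "about", "contact"):
    with open(os.path.join(TEMPLATE_DIR, _name + ".php"), "w") as _fh:
        _fh.write("<?php /* %s */ ?>\n" % _name)

# Mitigation 2: the request selects a key, the application supplies the
# file name, so no part of the path ever comes from the request.
ALLOWED_PAGES = {"home": "home.php", "about": "about.php", "contact": "contact.php"}


def resolve_vulnerable(page):
    """The flawed pattern: the request value is concatenated into the include path.

    os.path.join drops TEMPLATE_DIR entirely when `page` is absolute, and
    "../" segments walk out of it, so any readable file on the host can be named.
    normpath is applied only to make the escape visible in the output.
    """
    return os.path.normpath(os.path.join(TEMPLATE_DIR, page))


def resolve_whitelist(page):
    """Return the path of a whitelisted page, or None for anything else."""
    filename = ALLOWED_PAGES.get(page)
    if filename is None:
        return None
    return os.path.join(TEMPLATE_DIR, filename)


def resolve_contained(page):
    """Mitigation 3: accept a free-form file name but enforce the directory.

    Rejects NUL bytes (path truncation), URL-shaped input (remote inclusion
    and stream wrappers such as http:// or php://), and any canonical path
    that does not stay below TEMPLATE_DIR, which covers "../" traversal and
    symlinks inside the directory that point outside it.
    """
    if "\x00" in page or "://" in page:
        return None
    candidate = os.path.realpath(os.path.join(TEMPLATE_DIR, page))
    if os.path.commonpath([TEMPLATE_DIR, candidate]) != TEMPLATE_DIR:
        return None
    if not os.path.isfile(candidate):
        return None
    return candidate


if __name__ == "__main__":
    # Constructed request values: two legitimate, three hostile.
    for value in ("home", "home.php", "../" * 12 + "etc/passwd",
                  "/etc/passwd", "http://attacker.example/shell.txt"):
        print("%-36s vulnerable=%s\n%36s whitelist=%s contained=%s" % (
            value, resolve_vulnerable(value), "",
            resolve_whitelist(value), resolve_contained(value)))
```

Running the script shows the vulnerable resolver returning /etc/passwd for both the traversal and the absolute-path inputs, while the two hardened resolvers return None for everything except the legitimate page names. The whitelist variant is the stronger of the two because the request never influences the file name at all; the containment variant is the fallback when file names genuinely have to be dynamic.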