New php vulnerability discovery of the debug result of the security vulnerability, Edusoho-a vulnerability warning-the black bar safety net

2016-02-12T00:00:00
ID MYHACK58:62201671791
Type myhack58
Reporter phithon
Modified 2016-02-12T00:00:00

Description

Modern cms framework laraval/symfony/slim, leading to today's php vulnerability appears point, principle, using method, has undergone some changes, this series can hope to summarize their excavation of such a cms vulnerability.

Today this vulnerability is Edusoho a user table dump vulnerability. First, I briefly explain the vulnerability principle. 【Vulnerability source code download: https://mega.nz/#! 4chVWCAB! xBVyC9QqxMCmeuLu3rGx__PwgkLe_a5NWUITLS3QzuM 】

0x01 turn on DEBUG mode caused by the risks

Edusoho turn on the debug mode later will be in the program after an error output debug information, including the current environment variable value. The default index. php is not turned on debug, but the/api/index. php will turn on debug:

! 14512262668078.jpg

Follow up about the framework of the exception handling method. Index. php register the exception handling:

| 1 | The ErrorHandler::register(); ---|---

2 | ExceptionHandler::register(); ---|---

[1] [2] [3] next