PHP Code Audit: File Inclusion (DVWA lab)

low

<!DOCTYPE html>
<html>
<head>
	<title></title>
</head>
<body>
<div class="vulnerable_code_area">
		<em><a href="?page=file1.php">file1.php</a></em>
		<em><a href="?page=file2.php">file2.php</a></em>
		<em><a href="?page=file3.php">file3.php</a></em>
</div>
</body>
</html>

<?php
$file = $_GET['page'];
if(isset($file)){
	include($file);
}
?>

medium

<!DOCTYPE html>
<html>
<head>
	<title></title>
</head>
<body>
<div class="vulnerable_code_area">
		<em><a href="?page=file1.php">file1.php</a></em>
		<em><a href="?page=file2.php">file2.php</a></em>
		<em><a href="?page=file3.php">file3.php</a></em>
</div>
</body>
</html>
<?php
$file = $_GET['page'];
$file = str_replace(array("https://","http://"), "", $file);
$file = str_replace(array("../","./"), "", $file);
echo $file;
if(isset($file)){
	include($file);
}
?>

high

<!DOCTYPE html>
<html>
<head>
	<title></title>
</head>
<body>
<div class="vulnerable_code_area">
		<em><a href="?page=file1.php">file1.php</a></em>
		<em><a href="?page=file2.php">file2.php</a></em>
		<em><a href="?page=file3.php">file3.php</a></em>
</div>
</body>
</html>
<?php
$file = $_GET['page'];
if(!(fnmatch("file*", $file)) && $file !="include.php"){
	echo "ERROR file not found!";
}else{
	include($file);
}
?>

PHP knowledge points

The fnmatch() function matches a file name or string against a shell-style wildcard pattern. In the high-level code above, the request is therefore only rejected when $file does not start with "file" and is not exactly "include.php"; the pattern checks the string the user supplied, not the file the string eventually resolves to.
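Added example (not DVWA's code) of how a hardened version of this include could look: instead of stripping substrings (medium) or matching the name pattern (high), it accepts only pages from a fixed allow-list and additionally confines the resolved real path to the include directory. The directory name `pages` and the allow-list contents are assumptions for this example.

```php
<?php
// Added example, not DVWA's own code. Hardened replacement for the
// include logic above: allow-list first, then real-path confinement.
declare(strict_types=1);

const INCLUDE_DIR = __DIR__ . '/pages';                  // assumed location of file1.php ... file3.php
const ALLOWED_PAGES = ['file1.php', 'file2.php', 'file3.php']; // assumed allow-list

/**
 * Return the absolute path of the page to include, or null if the request
 * must be rejected. User input is never handed to include() directly.
 */
function resolve_page(string $page): ?string
{
    // Allow-list: anything not explicitly listed is refused. This also rules
    // out absolute paths and stream wrappers, which a substring filter or a
    // name pattern such as "file*" never checks for.
    if (!in_array($page, ALLOWED_PAGES, true)) {
        return null;
    }

    $base = realpath(INCLUDE_DIR);
    $real = realpath(INCLUDE_DIR . DIRECTORY_SEPARATOR . $page);
    if ($base === false || $real === false) {
        return null;                                     // directory or file missing
    }

    // Defence in depth: even a listed name must resolve inside INCLUDE_DIR
    // (guards against symlinks or a later mistake in the allow-list).
    if (strpos($real, $base . DIRECTORY_SEPARATOR) !== 0) {
        return null;
    }
    return $real;
}

$page = $_GET['page'] ?? 'file1.php';
$path = resolve_page($page);
if ($path === null) {
    http_response_code(404);
    echo 'ERROR file not found!';
} else {
    include $path;
}
```

The string-rewriting approach of the medium level and the name check of the high level both decide on the raw parameter; resolving the path with realpath() and comparing it against the base directory decides on what include() would actually open.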
posted @ 2021-01-25 15:47 renblog