gistfile1.txt
1. File inclusion vulnerabilities (control the include path and file type, set file permissions, and suppress file-inclusion error messages)
include include_once require require_once fopen readfile
With allow_url_include = On, include/require will also pull in remote files
upload_tmp_dir setting: PHP creates temporary files on upload, in /tmp on Linux and c:\windows\temp on Windows
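Added example, not part of the original notes: the include sink described above in its vulnerable form, beside an allowlist version and a realpath containment check. The template directory /var/www/app/templates and the ?page= parameter are assumptions.

```php
<?php
// Added example (not from the original notes): a file-inclusion sink and a hardened version.
// Assumptions: templates live in /var/www/app/templates/ and are selected by ?page=...

// VULNERABLE: the request controls both the path and the file type. With
// allow_url_include=On this reaches remote files; with it Off, "../" sequences
// still let the request walk outside the template directory.
function render_page_unsafe(string $page): void
{
    include '/var/www/app/templates/' . $page . '.php';
}

// HARDENED: a fixed allowlist, so the request can only pick one of the known
// names; neither the path nor the extension is built from user input.
function render_page(string $page): void
{
    static $allowed = ['home', 'about', 'contact'];
    if (!in_array($page, $allowed, true)) {
        http_response_code(404);
        return;
    }
    require '/var/www/app/templates/' . $page . '.php';
}

// Defence in depth when a dynamic name is unavoidable: resolve the candidate
// path and confirm it still lies inside the template directory.
function resolve_template(string $name): ?string
{
    $base = realpath('/var/www/app/templates');
    $path = $base === false ? false : realpath($base . '/' . basename($name) . '.php');
    if ($base === false || $path === false) {
        return null;                 // unreadable base dir or nonexistent file
    }
    if (strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;                 // resolved outside the template directory
    }
    return $path;
}

render_page($_GET['page'] ?? 'home');
```

Pair the code with the php.ini side of the notes: allow_url_include=Off removes the remote-file case entirely, open_basedir bounds what include() can reach even if the allowlist is bypassed, and display_errors=Off keeps a failed include from revealing the filesystem layout.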
2. Global variable overwrite (initialize your variables)
register_globals: change On to Off
extract()
import_request_variables()
parse_str()
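Added example, not part of the original notes: the overwrite that extract() and the one-argument parse_str() allow, beside the initialization that prevents it. The $request/$session arrays, the 'role' key and the $is_admin flag are illustrative names.

```php
<?php
// Added example (not from the original notes): variable overwrite through extract()
// and parse_str(), beside the initialization that prevents it.
// Assumptions: $request is decoded user input (e.g. $_GET) and $session is the
// server-side session; 'role' and $is_admin are illustrative names.

// VULNERABLE: $is_admin is only assigned on the success path, and extract() with
// its default EXTR_OVERWRITE lets a request parameter named is_admin define it.
// With register_globals=On the same overwrite happened before any code ran.
function check_admin_unsafe(array $request, array $session): bool
{
    if (isset($session['role']) && $session['role'] === 'admin') {
        $is_admin = true;
    }
    extract($request);            // a request carrying is_admin=1 now sets $is_admin
    return !empty($is_admin);
}

// The one-argument parse_str() form had the same effect (it wrote parsed keys into
// the current scope); it was deprecated in PHP 7.2 and removed in 8.0.
// Always pass a result array instead:
function parse_query(string $query): array
{
    $params = [];
    parse_str($query, $params);   // keys land in $params, not in the local scope
    return $params;
}

// HARDENED: every variable is initialized before use, untrusted input stays in
// its own array, and where extract() cannot be avoided EXTR_SKIP (or
// EXTR_PREFIX_ALL) stops it from replacing variables that already exist.
function check_admin(array $request, array $session): bool
{
    $is_admin = false;                                   // explicit initialization
    if (isset($session['role']) && $session['role'] === 'admin') {
        $is_admin = true;
    }
    extract($request, EXTR_SKIP);                        // $is_admin is left untouched
    return $is_admin;
}
```

import_request_variables() from the list above has no safe form: it was removed in PHP 5.4 along with register_globals, so code that still calls it should read $_GET/$_POST explicitly instead.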
3. PHP security settings
register_globals: change On to Off
open_basedir: restricts PHP to files under the specified directories; remember the trailing '/', e.g. /data/wwwwroot/
allow_url_include: turn Off
allow_url_fopen: recommended Off
display_errors: error display, turn Off
log_errors: On
magic_quotes_gpc: recommended Off
cgi.fix_pathinfo: if PHP runs in CGI mode, turn this off to avoid file-parsing (path-info) issues
session.cookie_httponly: enable
session.cookie_secure: enable if the whole site is served over HTTPS
safe_mode
disable_functions=escapeshellarg,escapeshellcmd,exec,passthru,proc_close,proc_get_status,proc_open,proc_nice,proc_terminate,shell_exec,system,ini_restore,popen,dl,disk_free_space,diskfreespace,set_time_limit,tmpfile,fopen,readfile,fpassthru,fsockopen,mail,ini_alter,highlight_file,openlog,show_source,symlink,apache_child_terminate,apache_get_modules,apache_get_version,apache_getenv,apache_note,apache_setenv,parse_ini_file
disable_classes=XMLWriter,DOMDocument,DOMNotation,DOMXPath,SQLiteDatabase,SQLiteResult,SQLiteUnbuffered,SQLiteException
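Added example, not part of the original notes: a read-only audit script that checks the running PHP against the settings in section 3 via ini_get(). The recommended values are the ones in the notes; the subset of disable_functions it insists on is a choice made here.

```php
<?php
// Added example (not from the original notes): a read-only audit of the php.ini
// settings listed above, using ini_get(). Recommended values come from the notes;
// directives the running PHP no longer knows are reported as absent.
// Run it under the SAPI you actually serve with (php-fpm / CGI / mod_php): the CLI
// has its own defaults, e.g. display_errors is On there.

// Read a boolean directive; null when the running PHP does not know it.
function ini_bool(string $name): ?bool
{
    $value = ini_get($name);
    if ($value === false) {
        return null;
    }
    return filter_var($value, FILTER_VALIDATE_BOOLEAN);
}

// directive => recommended value, taken from the notes
const EXPECTED = [
    'register_globals'        => false,  // removed in PHP 5.4
    'allow_url_include'       => false,
    'allow_url_fopen'         => false,
    'display_errors'          => false,
    'log_errors'              => true,
    'magic_quotes_gpc'        => false,  // removed in PHP 5.4
    'cgi.fix_pathinfo'        => false,  // only relevant for the CGI/FastCGI SAPI
    'session.cookie_httponly' => true,
    'session.cookie_secure'   => true,   // only when the whole site is HTTPS
    'safe_mode'               => false,  // removed in PHP 5.4
];

// Subset of the notes' disable_functions list that this audit insists on.
const MUST_DISABLE = ['exec', 'passthru', 'shell_exec', 'system', 'popen', 'proc_open', 'dl'];

function audit(): array
{
    $findings = [];
    foreach (EXPECTED as $name => $want) {
        $have = ini_bool($name);
        if ($have === null) {
            $findings[] = "$name: not present in this PHP build (fine if the directive was removed)";
        } elseif ($have !== $want) {
            $findings[] = sprintf('%s: is %s, recommended %s',
                $name, $have ? 'On' : 'Off', $want ? 'On' : 'Off');
        }
    }
    if ((string) ini_get('open_basedir') === '') {
        $findings[] = 'open_basedir: unset; restrict PHP to the web root (trailing / included)';
    }
    $disabled = array_map('trim', explode(',', (string) ini_get('disable_functions')));
    foreach (array_diff(MUST_DISABLE, $disabled) as $fn) {
        $findings[] = "disable_functions: $fn is still callable";
    }
    return $findings;
}

$findings = audit();
echo $findings ? implode(PHP_EOL, $findings) . PHP_EOL : 'no findings' . PHP_EOL;
exit($findings ? 1 : 0);
```

The script only reads configuration, so it can run from a deployment pipeline as a gate: a non-zero exit means at least one directive differs from the list above. Note that disable_functions and disable_classes can only be set in php.ini itself, not from ini_set() or .htaccess, so a finding there has to be fixed in the server configuration.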
