We use Linux as the example system here, but the defensive method works on any system. First let's look at how the traversal requests are made; they look like this:
http://m.survivalescaperooms.com/index.php?page=../etc/passwd
http://m.survivalescaperooms.com/index.php?page=../../../etc/passwd
http://m.survivalescaperooms.com/index.php?page=..../../etc/passwd
Other files that can be pulled the same way:
- etc/profile
- etc/services
- /etc/passwd
- /etc/shadow
- /etc/group
- /etc/security/group
- /etc/security/passwd
- /etc/security/user
- /etc/security/environ
- /etc/security/limits
- /usr/lib/security/mkuser.default
With code like the above, if you simply pass ?page=$_GET straight through, it is all over. Looking at the cause: our pagination only ever takes a number, so we handle it like this:
$page = intval($_GET['page']);
This way no string can get through, because we filtered with the intval function. So what about parameters that have to be strings? For strings we filter with PHP's built-in functions addslashes and htmlspecialchars, like this:
$body = htmlspecialchars(isset($_GET[$str]) ? $_GET[$str] : '');
This basically filters out the various injections; of course, if the vulnerability is in the server itself, it cannot be fixed at the PHP level.
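As an added example (not code from the original post), here is how the two cases above look in working PHP: a numeric page parameter checked with intval() plus a range clamp, and a named page resolved through an allowlist rather than used as a path. Note that htmlspecialchars() is the right tool when echoing input back into HTML, not when choosing a file to include; the pages/ directory, the allowlist entries and the sample requests are assumptions made for this example.

```php
<?php
declare(strict_types=1);

/** Case 1: pagination number. Returns an int in [1, $maxPage]. */
function safePageNumber(array $query, int $maxPage): int
{
    // intval() turns "../../etc/passwd" into 0 and "3abc" into 3.
    $n = isset($query['page']) ? intval($query['page']) : 1;
    // Clamp so 0, negatives and out-of-range values never reach the query.
    return max(1, min($n, $maxPage));
}

/**
 * Case 2: a named page. Only keys present in the allowlist resolve to a
 * file; anything else, including "../etc/passwd", returns null.
 */
function safePageFile(array $query, array $allowlist): ?string
{
    $key = $query['page'] ?? 'home';
    // $_GET values can also be arrays (page[]=x), so check the type too.
    if (!is_string($key) || !array_key_exists($key, $allowlist)) {
        return null;                       // unknown page: refuse
    }
    // Second line of defence: the resolved path must stay under pages/
    // (assumed directory next to this script).
    $base = realpath(__DIR__ . '/pages');
    $file = $base === false ? false : realpath($base . '/' . $allowlist[$key]);
    if ($file === false || strpos($file, $base . DIRECTORY_SEPARATOR) !== 0) {
        return null;
    }
    return $file;
}

/** Output context: escape user input only when it is written into HTML. */
function safeEcho(string $userInput): string
{
    return htmlspecialchars($userInput, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// Constructed sample requests (hypothetical values, not from the post).
$pages = ['home' => 'home.php', 'about' => 'about.php'];
var_dump(safePageNumber(['page' => '../../etc/passwd'], 10));
var_dump(safePageNumber(['page' => '3'], 10));
var_dump(safePageFile(['page' => '../../etc/passwd'], $pages));
var_dump(safePageFile(['page' => ['x']], $pages));
var_dump(safeEcho('<script>'));
```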