PHP Tutorials: Allow

Source: Internet
Author: User
Tags: base64, file system, include, php code

PHP is often criticised for allowing URLs to be included and executed. This is not surprising, since that feature is one of the main causes of the class of vulnerabilities in PHP applications known as remote URL include vulnerabilities.

For this reason, many security researchers recommend disabling allow_url_fopen in the php.ini configuration. Unfortunately, many of those who recommend this do not realise that it breaks many applications and still does not guarantee a 100% resolution of remote URL includes and the insecurity they bring.

Typically, users want PHP to disallow URL inclusion while still supporting URLs in the other file system functions.

For this reason, allow_url_include was planned for PHP 6. After these discussions, the feature was backported to PHP 5.2.0. Most security researchers have since changed their advice and now recommend disabling only allow_url_include.

Unfortunately, allow_url_fopen and allow_url_include are not the root of the problem. Including local files in an application is still dangerous enough, because attackers often use session data, file uploads, log files and other means to get PHP code onto the server ...

On the other hand, allow_url_fopen and allow_url_include only protect against stream handles that are marked as URLs. This affects HTTP(S) and FTP(S) but does not affect the php:// or data: (new in PHP 5.2.0) wrappers. These URL forms make it very simple to inject PHP code.

Example 1: use php://input to read the POST data

<?php
/*
 * Insecure include.
 * The following include statement would
 * include and execute everything POSTed
 * to the server.
 */
include "php://input";
?>

Example 2: use data: to include arbitrary code

<?php
/*
 * Insecure include.
 * The following include statement would
 * include and execute the base64-encoded
 * payload. Here it is just phpinfo().
 */
include "data:;base64,PD9waHAgcGhwaW5mbygpOz8+";
?>

Taking these into account makes it very obvious that neither allow_url_fopen nor allow_url_include offers a guarantee, simply because these vectors are rarely filtered. The way to resolve these URL include vulnerabilities 100% is our Suhosin extension.
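As an added example (not code from the original article), a helper that refuses every stream wrapper before the include, not only the http:// and ftp:// ones that allow_url_fopen and allow_url_include govern, and then confines the canonical path to one fixed directory. The pages/ directory and the page parameter are assumptions.

```php
<?php
// Added defensive example: resolve a request-controlled include name to a
// file under $baseDir, or return null. Assumes includable files live in
// $baseDir and nothing else there should ever be executed.
function resolveLocalInclude(string $baseDir, string $name): ?string
{
    // Anything with a "scheme:" prefix is a wrapper: php://input, data:,
    // http://, ftp://, phar://, ... Reject all of them, not just http/ftp.
    if (preg_match('~^[a-z][a-z0-9+.\-]*:~i', $name)) {
        return null;
    }
    // Embedded NUL bytes truncate paths in older PHP and make realpath()
    // throw in PHP 8; reject them before touching the file system.
    if (strpos($name, "\0") !== false) {
        return null;
    }
    $base = realpath($baseDir);
    $path = realpath($baseDir . DIRECTORY_SEPARATOR . $name);
    if ($base === false || $path === false) {
        return null; // base missing, file missing, or not a plain path
    }
    // The canonical target must stay inside the base directory, which
    // also rules out "../" traversal into session, upload or log files.
    if (strpos($path, $base . DIRECTORY_SEPARATOR) !== 0) {
        return null;
    }
    // Only execute files that are meant to be PHP pages.
    if (substr($path, -4) !== '.php') {
        return null;
    }
    return $path;
}

// Usage: the request value never reaches include() unchecked.
$page   = $_GET['page'] ?? 'home.php';
$target = resolveLocalInclude(__DIR__ . '/pages', $page);
if ($target === null) {
    http_response_code(400);
    exit('invalid page');
}
include $target;
```

Where the set of includable pages is small and fixed, an explicit map from parameter value to file name is stricter still and avoids touching the file system with attacker-supplied input at all.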
