Some of the best prohibited functions in php.ini (Diables

Source: Internet
Author: User
Tags character set execution functions ini symlink syslog versions root directory
Phpinfo()
Function Description: Output PHP environment information and related modules, WEB environment and other information.
Hazard level: Medium

Passthru()
Functional Description: Allows execution of an external program and echoes the output, similar to exec().
Hazard level: high

Exec()
Functional Description: Allows execution of an external program (such as UNIX Shell or CMD commands, etc.).
Hazard level: high

System()
Functional Description: Allows execution of an external program and echoes the output, similar to passthru().
Hazard level: high

Chroot()
Functional Description: Can change the working root directory of the current PHP process, only when the system supports CLI mode
Works only when PHP is available, and this function is not available for Windows systems.
Hazard level: high

Scandir()
Feature Description: Lists the files and directories in the specified path.
Hazard level: medium

Chgrp()
Function Description: Change the user group to which the file or directory belongs.
Hazard level: high

Chown()
Functional Description: Change the owner of a file or directory.
Hazard level: high

Shell_exec()
Function description: Execute the command through the shell and return the execution result as a string.
Hazard level: high

Proc_open()
Functional Description: Execute a command and open the file pointer for reading and writing.
Hazard level: high

Proc_get_status()
Functional Description: Get information about the process opened with proc_open().
Hazard level: high

Error_log()
Function description: Send the error message to the specified location (file).
Security Note: In some versions of PHP, you can use error_log() to bypass PHP safe mode.
Execute any command.
Hazard level: low

Ini_alter()
Functional Description: An alias function of the ini_set() function with the same function as ini_set().
See ini_set() for details.
Hazard level: high

Ini_set()
Function Description: Can be used to modify and set PHP environment configuration parameters.
Hazard level: high

Ini_restore()
Feature Description: Can be used to restore PHP environment configuration parameters to their initial values.
Hazard level: high

Dl()
Functional Description: Load a PHP external module while PHP is running (not at startup).
Hazard level: high

Pfsockopen()
Functional Description: Establish a socket persistent connection for an Internet or UNIX domain.
Hazard level: high

Syslog()
Functional Description: The system layer syslog() function of the UNIX system can be called.
Hazard level: Medium

Readlink()
Function Description: Returns the contents of the target file pointed to by the symbolic link.
Hazard level: Medium

Symlink()
Functional Description: Create a symbolic link on a UNIX system.
Hazard level: high

Popen()
Functional Description: A command can be passed through the parameters of popen() and executed by the file opened by popen().
Hazard level: high

Stream_socket_server()
Feature Description: Establish an Internet or UNIX server connection.
Hazard level: Medium

Putenv()
Functional Description: Used to change the system character set environment while the PHP is running. This function is available in PHP versions earlier than 5.2.6
After modifying the system character set environment, use the sendmail command to send a special parameter execution system SHELL command.
Hazard level: high

The method of disabling is as follows:
Open the /etc/php.ini file,
Find disable_functions and add the name of the function to be disabled, as follows:
Phpinfo,eval,passthru,exec,system,chroot,scandir,chgrp,chown,shell_exec,proc_open,proc_get_status,ini_alter,ini_alter,ini_restore,dl,pfsockopen,openlog,syslog,readlink,symlink,popepassthru,stream_socket_server,fsocket,fsockopen

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.