问题描述
测试Web应用程序后,我可以上传GIF/JPEG文件,并且我知道在该GIF/Jpeg中正确包含PHP代码时可能存在威胁(因为使用 imagecreatetruecolor 和 imagejpeg ).
Testing a web application, I can upload GIF/JPEG files and I know there is a possible threat when including PHP Code properly in that GIF/Jpeg (because it is modified using imagecreatetruecolor and imagejpeg).
我正在寻找一个包含简单PHP代码(例如phpinfo或echo'hello world')的现有GIF文件,目的只是为了验证威胁是否具体.
I was looking for an existing GIF file containing a simple PHP code (like phpinfo or echo 'hello world') just to validate that the threat was concrete.
最完美的是一个特制的GIF图像,该PHP图像的中间包含PHP代码,或者在调色板颜色中包含该PHP代码,但我找不到一个.
What would be perfect is a specifically crafted GIF image containing PHP code in the middle OR in the palette color, but I was unsuccessful to find one.
推荐答案
我将回答包含PHP代码执行的jpg链接文件,但如果其他人提供了更完整的答案,我将提供接受的支票; )
I'll answer myself for the jpg link file containing PHP code execution, but if someone else provide a more complete answer, I'll offer the accepted check ;)
这是指向已损坏的链接包含PHP漏洞利用代码(phpinfo)的JPEG文件
(不用担心,该文件不会对您有任何作用)
(don't worry, the file won't do anything to you)
此外,请务必注意,即使您成功上传了包含php代码的gif文件,如果该gif文件被读取为gif(而不是通过include/require或配置错误的服务器以php的形式执行),它什么也不会做,只是在您的服务器上安装了php代码,没用.
Moreover, it's important to notice that even if you succeed into uploading a gif file containing php code, if that gif file is read as gif (and not executed as php, via include/require, or a badly configured server), it won't do anything, just have php code on your server, useless.
因此,要使此攻击起作用,您需要具备两个条件:
So in order for this attack to work, you need to have two conditions :
- 网站必须在您可以访问的某个时间点使用文件上传
- 存储的文件必须通过PHP执行,即使是图像文件(在这种情况下).
尽管1.很容易拥有,但如今第二几乎是不可能的. PHP的默认配置是仅使用NGinx,Apache,Lighttpd等对.php文件运行PHP解释器.
Although the 1. is quite easy to have, the second is near impossible nowadays. The default configuration for PHP is to run the PHP interpreter only for .php files, either using NGinx, Apache, Lighttpd, etc.
总而言之,这种攻击媒介的成功几率确实很低.
In conclusion, this vector of attack is really low in probability of success.
这篇关于GIF/JPEG文件可以包含可运行的PHP代码吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!