PHP Arbitrary File Upload Simple Patching ~ NananK bErbaGi

Selasa, 16 Agustus 2011

PHP Arbitrary File Upload Simple Patching

07.08 NananK No comments

saya akan membahas tentang cara simple mempatch PHP Arbitrary File Upload

Kebanyakan website yang vuln diupload memiliki garis besar seperti ini:

Contoh simple upload.php file upload.





Contoh form yang dipake dalam file index untuk upload:



 Select the file to upload:

Disini tidak ada code yang memfilter upload filetype.
Jadi kita bisa langsung saja upload: shell.php

Patching yg bisa dilakukan adalah menambahkan filter filetype dalam script upload.php
Contohnya:

Untuk “images/gif” bisa diganti dengan “images/jpg” dll…

Kita liat backgound request uploadnya

POST /upload.php HTTP/1.1 TE: deflate,gzip;q=0.3 Connection: TE, close Host: localhost User-Agent: libwww-perl/5.803 Content-Type: multipart/form-data; Content-Length: 156 Content-Disposition: form-data; name="userfile"; filename="shell.php" ... ... - HTTP/1.1 200 OK Date: Thu, 31 May 2007 13:54:01 GMT Server: Apache X-Powered-By: PHP/5.2.2-pl6-gentoo Connection: close Content-Type: text/html Sorry, we only allow uploading GIF images



happy Patching..

....................................................................................

Posted in:

NananK bErbaGi

Pages

visiTtor

Download

Term of Use

Total Tayangan Halaman

YM chat

Followers

About Me

Blog Archive

TRANSLATE

Selasa, 16 Agustus 2011

PHP Arbitrary File Upload Simple Patching

0 komentar:

Posting Komentar

Share

Entri Populer

Arsip Blog

Recent Posts

Blogger Tricks

Blogger Themes

NananK bErbaGi

Pages

visiTtor

Download

Term of Use

Total Tayangan Halaman

YM chat

Followers

About Me

Blog Archive

TRANSLATE

Selasa, 16 Agustus 2011

PHP Arbitrary File Upload Simple Patching

0 komentar:

Posting Komentar

Langganan

Share

Entri Populer

Arsip Blog

Recent Posts

Blogger Tricks

Blogger Themes