PHP Deserialization Vulnerability Security Advisory

Published: 2018-08-23

Vulnerability ID and severity

 

CVE ID: none. Risk level: high. CVSS score: not officially rated.


Affected versions


PHP > 5.3


Vulnerability overview


Sam Thomas, a security researcher at Secarma, discovered a new exploitation technique that lets an attacker trigger serious deserialization vulnerabilities in PHP through functions previously considered low-risk. The technique leaves thousands of web applications exposed to remote code execution, including sites running popular content management systems such as WordPress and Typo3.


PHP deserialization (object injection) vulnerabilities were first reported in 2009; they allow an attacker to carry out a range of attacks by feeding malicious input to PHP's unserialize() function. Serialization is the process of converting a data object into a plain string, and the deserialization function lets a program rebuild the object from that string. Thomas found that an attacker can trigger deserialization through low-risk functions operating on Phar files, without unserialize() being called anywhere in those scenarios. Phar is an archive format in PHP that stores its metadata in serialized form, and that metadata is deserialized whenever a file operation function (fopen, file_exists, file_get_contents, and so on) tries to access the archive.


Vulnerability verification


Most PHP file operations accept a variety of URL wrappers in the file path, such as data://, zlib:// or php://. Some of these are commonly used when exploiting remote file inclusion vulnerabilities, where the attacker controls the complete path being included, but few people pay attention to phar://. What makes Phar (PHP Archive) files interesting is that they contain metadata in serialized form. A phar is built with the following code:




It is then tested with the following code:




The result shows that when a file operation is performed on our existing Phar file through phar://, its serialized metadata is deserialized. This means the object we injected into the metadata is loaded into the application. If the application has a class named TestObject that defines the magic methods __destruct() or __wakeup(), those methods are invoked automatically. In other words, we can trigger any destructor or wakeup method in the code base, and if those magic methods operate on the data we injected, this may lead to further vulnerabilities.


If an attacker can control the argument of file operation functions such as include(), fopen(), file_get_contents() or file(), the result can be a serious vulnerability. User input should therefore normally be validated before it reaches these functions.
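One way to apply the validation the paragraph above calls for, as an added example that is not the advisory's own code: a guard that rejects stream wrappers (phar:// among them) and directory escapes before a name reaches a file function. The SafePath class, the temporary upload directory and the sample inputs are constructed for this illustration.

```php
<?php
// Added example, not code from the advisory: validate a user-supplied file
// name before it reaches file_get_contents(), include(), file_exists(), etc.
final class SafePath
{
    private $baseDir;
    public function __construct(string $baseDir)
    {
        $real = realpath($baseDir);
        if ($real === false) {
            throw new InvalidArgumentException("no such directory: $baseDir");
        }
        $this->baseDir = $real;
    }
    // Returns an absolute path inside the base directory, or null to reject.
    public function resolve(string $userInput): ?string
    {
        // Reject any stream wrapper (phar://, php://, data://, zlib://, ...).
        // A Phar's serialized metadata is deserialized the moment a file function
        // opens it through phar://, so the scheme must never be user-chosen.
        if (preg_match('#^\s*[a-z][a-z0-9+.\-]*://#i', $userInput)) {
            return null;
        }
        // NUL bytes truncate the path in the underlying C file functions.
        if (strpos($userInput, "\0") !== false) {
            return null;
        }
        // Canonicalize, then make sure the result is still under the base directory.
        $candidate = realpath($this->baseDir . DIRECTORY_SEPARATOR . $userInput);
        $prefix = $this->baseDir . DIRECTORY_SEPARATOR;
        if ($candidate === false || strncmp($candidate, $prefix, strlen($prefix)) !== 0) {
            return null; // missing file, or a ../ escape from the base directory
        }
        return $candidate;
    }
}
// Hardened read: validate first, then operate only on the resolved path.
function hardened_read(SafePath $guard, string $name): ?string
{
    $path = $guard->resolve($name);
    return $path === null ? null : file_get_contents($path);
}
$dir = sys_get_temp_dir() . '/uploads_demo';      // constructed upload directory
@mkdir($dir);
file_put_contents("$dir/report.txt", "ok");
$guard = new SafePath($dir);
foreach (['report.txt', '../passwd', 'phar://x/avatar.jpg/y', ' PHAR://x', "a\0.txt"] as $name) {
    printf("%-24s => %s\n", addcslashes($name, "\0"), hardened_read($guard, $name) ?? 'rejected');
}
```

Only the plain relative name resolves; every wrapper-prefixed, NUL-containing or escaping name is rejected before any file function sees it.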


Remediation


Thomas reported the issue to WordPress, which confirmed it. The patch WordPress released does not fully resolve the problem.


Thomas reported the vulnerability to Typo3, which released versions 7.6.30, 8.7.17 and 9.3 to address it.


Mitigations:


1. Verify the signatures of PHAR archives.


2. Disable the PHAR extension if it is not needed.


References


https://thehackernews.com/2018/08/php-deserialization-wordpress.html