nginx directory traversal vulnerability reproducibility
First, Vulnerability Description
When Nginx configuration alias (Alias), and if you forget to add / will result in a directory traversal vulnerability.
Second, the principle of vulnerability
1, nginx.conf modify, add the following disposed at a position below
When you set the following configuration directory alias / files configured as / home / alias, then when we visit /files../, when the actual processing path nginx /home/../, in order to achieve through the directory.
Third, the vulnerability environment to build and reproducibility
1, mounted in nginx ubuntu 16.04
1.1 install nginx dependent libraries
1.1.1 install gcc g ++ library dependencies
ubuntu platform can use the following command:
apt-get install build-essential
apt-get install libtool
1.1.2 install pcre dependent libraries
apt-get install libpcre3 libpcre3-dev
Zlib 1.1.3 Installation dependent libraries
apt-get install zlib1g-dev
1.1.4 install ssl dependent libraries
apt-get install openssl
1.2 install nginx
# Download the latest version:
wget http://nginx.org/download/nginx-1.11.3.tar.gz
# Decompression:
tar -zxvf nginx-1.11.3.tar.gz
# Unzip into the directory:
cd nginx-1.11.3
# Configuration:
./configure --prefix=/usr/local/nginx
# Edit nginx:
Make
# Install nginx:
make install
# Start nginx:
/usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
1.3 browser to access, whether to build a successful test nginx
2, modify /usr/local/nginx/conf/nginx.conf, add the following in the position as shown below:
3, restart nginx service
./sbin/nginx -s reload
4, browser access http://192.168.10.137/files/
5、浏览器访问http://192.168.10.137/files../,如下图所示,说明存在目录穿越漏洞
6、修改/usr/local/nginx/conf/nginx.conf,把files使用/闭合
7、重启nginx服务,再次访问http://192.168.10.137/files../,提示404,说明该漏洞不存在
四、漏洞防御
1、修改/usr/local/nginx/conf/nginx.conf,使用/闭合/files,形成/files/。
-------------------------------------------------------------------------------------------------
参考: ubuntu 16.04安装nginx https://www.cnblogs.com/piscesLoveCc/p/5794926.html