[php代码审计] apache 后缀名解析“漏洞”
2024-09-04 07:55:50
不能说是漏洞,只是 apache 特性而已。
下面是apache httpd.conf中截取的一段:
<IfModule mime_module>
#
# TypesConfig points to the file containing the list of mappings from
# filename extension to MIME-type.
#
TypesConfig conf/mime.types #
# AddType allows you to add to or override the MIME configuration
# file specified in TypesConfig for specific file types.
#
#AddType application/x-gzip .tgz
#
# AddEncoding allows you to have certain browsers uncompress
# information on the fly. Note: Not all browsers support this.
#
AddEncoding x-compress .Z
AddEncoding x-gzip .gz .tgz
#
# If the AddEncoding directives above are commented-out, then you
# probably should define those extensions to indicate media types:
#
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
AddType application/x-httpd-php .php
AddType application/x-httpd-php .php3 #
# AddHandler allows you to map certain file extensions to "handlers":
# actions unrelated to filetype. These can be either built into the server
# or added with the Action directive (see below)
#
# To use CGI scripts outside of ScriptAliased directories:
# (You will also need to add "ExecCGI" to the "Options" directive.)
#
#AddHandler cgi-script .cgi # For type maps (negotiated resources):
#AddHandler type-map var #
# Filters allow you to process content before it is sent to the client.
#
# To parse .shtml files for server-side includes (SSI):
# (You will also need to add "Includes" to the "Options" directive.)
#
#AddType text/html .shtml
#AddOutputFilter INCLUDES .shtml </IfModule>
由上可知道,.php 或 .php3后缀的文件会被php解析。
Index.php.a文件有两个后缀,分别是.php和.a,apache无法识别.a但可以识别.php,然后件给php去解析。
如果去掉后缀 (.php) ,则无法解析,按照默认设置(DefaultType text/plain),对于无法识别的后缀,按纯文本发给浏览器。
如下图(.a后缀无法识别,按默认):
如果在 httpd.conf 中添加AddType application/x-httpd-php .a如图:
Apache按从右到左的顺序识别文件后缀,直至找到后缀能匹配配置文件中的设置。index.php.txt,将会被识别为纯文本(text/plain);
index.php.Z将会被识别为压缩文件。Index.php.a 若.a没有被设置或mime.types没有定义,则会识别为.php后缀的文件,交给php解析。
在mine.types中设置后缀匹配识别:
最新文章
- centos 6.7安装与配置vncserver
- 比较两个NSDate类型的参数相差的时间差
- 用canvas制作酷炫射击游戏--part2
- ImageTragick Exploit &; Fix
- 动态内存分配导致Javascript性能的问题
- 大道至简之编程的精义读后感(Java伪代码)
- SQL Server附加数据库文件出错
- JS实现浏览器的title闪烁
- 关于arguments对象以及函数的柯里化;
- Objective-C异步编程
- SON-RPC for Java
- C#操作求出SQL中某一字段所有行的和方法!
- ECSHOP自动收货解决方案 【附代码】
- 关系操作符 <; >; = == <;= >;= !=
- Nginx 实现负载均衡
- mysql-day06
- [Jmeter] Run Command to generate a specific listener’s chart report
- BZOJ.1396.识别子串(后缀自动机/后缀数组 线段树)
- POJ 2449 Remmarguts&#39; Date (K短路 A*算法)
- SSAS 笔记