Edho Arief
December 03, 2011 04:06AM
On Sat, Dec 3, 2011 at 3:26 PM, escavern <nginx-forum@nginx.us> wrote:
> This is a very dangerous Remote File Inclusion bug in Nginx+php-fpm.
> Nginx+php-fpm shows a dangerous bug because it allows the PHP shell
> hidden in an image to run,
>
> if you have php script like this:
> ------------------------------------------------------------------------------------------------------------
> <?php
>
>    $rfi = $_GET['call'];
>    include($rfi);
> ?>

...you must be kidding me. That's like asking why you get SQL
injection when you have code like this: mysql_query("select * from
users where username = '$_GET['user']'").

Use

echo file_get_contents($rfi);

instead. Note that even with this someone can set parameter to
something like "../index.php" and with sufficient effort might be able
to locate your database etc (or your /etc/passwd). Something like

echo file_get_contents('./uploaddir/'.basename($rfi));

is much better. Note that I'm not sufficiently knowledgeable in PHP, so
the recommendation above might still be insecure.

Apache has more hand-holding features, which is why it doesn't work there.

--
O< ascii ribbon campaign - stop html mail - www.asciiribbon.org

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
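The confinement Edho sketches above, carried through as an added example that is not part of the thread or of any nginx or PHP-FPM code: it keeps the basename() step from the post and adds two checks a defender would want on top of it, an extension allow-list and a realpath() prefix check, so a request that names a file outside the upload directory (or reaches it through a symlink) is refused instead of served. UPLOAD_DIR, read_upload() and the sample files written by the self-check are assumptions for this demo; the directory name "uploaddir" is the one used in the post.

```php
<?php
// Added example (not from the thread): confine a user-supplied file name to a
// single upload directory before reading it. UPLOAD_DIR, read_upload() and the
// files created by the self-check below are assumptions for this demo.

declare(strict_types=1);

define('UPLOAD_DIR', sys_get_temp_dir() . '/uploaddir');

/**
 * Resolve $name inside UPLOAD_DIR and return the file contents, or null when
 * the request points outside the directory, has an unexpected extension, or
 * names a file that does not exist.
 */
function read_upload(string $name): ?string
{
    // 1. Drop every directory component: "../index.php" becomes "index.php",
    //    "/etc/passwd" becomes "passwd". On its own this still lets a caller
    //    request any plain file name that happens to live in the directory.
    $leaf = basename($name);
    if ($leaf === '' || $leaf === '.' || $leaf === '..') {
        return null;
    }

    // 2. Only hand out the kinds of files you expect to have been uploaded;
    //    a script uploaded under an image name still fails this check.
    $ext = strtolower(pathinfo($leaf, PATHINFO_EXTENSION));
    if (!in_array($ext, ['png', 'jpg', 'jpeg', 'gif', 'txt'], true)) {
        return null;
    }

    // 3. Canonicalise both sides and require the upload dir as a prefix, so a
    //    symlink planted inside the directory cannot lead outside it.
    $base = realpath(UPLOAD_DIR);
    $path = realpath(UPLOAD_DIR . '/' . $leaf);
    if ($base === false || $path === false
        || strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0
        || !is_file($path)) {
        return null;
    }

    $data = file_get_contents($path);
    return $data === false ? null : $data;
}

// Self-check when run from the CLI: php read_upload.php
if (PHP_SAPI === 'cli') {
    $secret = sys_get_temp_dir() . '/secret.txt';
    @mkdir(UPLOAD_DIR);
    file_put_contents(UPLOAD_DIR . '/cat.jpg', 'not really a jpeg'); // constructed
    file_put_contents($secret, 'db password');                      // constructed, outside the dir

    // input => whether read_upload() is expected to return content
    $cases = [
        'cat.jpg'            => true,   // legitimate upload
        '../secret.txt'      => false,  // collapses to "secret.txt", which is not in the dir
        '/etc/passwd'        => false,  // collapses to "passwd", no allowed extension
        'cat.jpg/../cat.jpg' => true,   // basename keeps only the last segment
        '..'                 => false,
        'shell.php'          => false,  // extension not on the allow-list
    ];
    foreach ($cases as $input => $expectHit) {
        $got = read_upload($input) !== null;
        printf("%-22s %s\n", var_export($input, true), $got === $expectHit ? 'ok' : 'FAIL');
    }

    unlink(UPLOAD_DIR . '/cat.jpg');
    unlink($secret);
    rmdir(UPLOAD_DIR);
}
```

The order of the checks matters: basename() removes traversal sequences, the allow-list decides what may be served at all, and the realpath() comparison is the check that survives symlinks and any future change to how the name is built. None of this replaces the underlying fix from the thread, which is not to pass user input to include() in the first place.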