register_globals 詳解
#################################################
# 文章出處 :
#################################################
這是 php 的一項很致命傷的漏洞 初學php的人 必需先建立好這個關念 不然很容易讓自己寫好的系統被攻擊. ...
替大家做個解說好了 : [@more@] In PHP 4.2.0 and later, the default value for the PHP directive register_globals is off. This is a major change in PHP. Having register_globals off affects the set of predefined variables available in the global scope. For example, to get DOCUMENT_ROOT you'll use $_SERVER['DOCUMENT_ROOT'] instead of $DOCUMENT_ROOT, or $_GET['id'] from the URL instead of $id, or $_ENV['HOME'] instead of $HOME.
From version 4.1.0 onward, PHP provides an additional set of predefined arrays containing variables from the web server (if applicable), the environment, and user input. These new arrays are rather special in that they are automatically global--i.e., automatically available in every scope. For this reason, they are often known as 'autoglobals' or 'superglobals'. (There is no mechanism in PHP for user-defined superglobals.) The superglobals are listed below; however, for a listing of their contents and further discussion on PHP predefined variables and their natures, please see the section Reserved Predefined Variables. Also, you'll notice how the older predefined variables ($HTTP_*_VARS) still exist. As of PHP 5.0.0, the long PHP predefined variable arrays may be disabled with the register_long_arrays directive.
大家可以找一下 php.in :
variables_order = "EGPCS"
Set the order of the EGPCS (Environment, GET, POST, Cookie, Server) variable parsing. The default setting of this directive is "EGPCS". Setting this to "GP", for example, will cause PHP to completely ignore environment variables, cookies and server variables, and to overwrite any GET method variables with POST-method variables of the same name.
什麼是 EGPS 呢 :
這個設定是用來控制 post get cooie 伺服器變數 等環境變數 讓 php 以順序的方式來定義它們 .
而 PCS 呢 :
則是 後來的環境變數可以蓋過之前的變數 .
哈... 大家聽完有點亂亂的吧 .
簡單來說就是 pcs 會造成 假設第一個post 進來的 變數值 可以 蓋過 get 的變數值
換言之 第一個是 get 時 那 第二個 post 也可以取代掉它 .
嘿嘿 ,, 這樣的話 我就可以 用 sql injection 來攻擊系統 比起 egps 的方式用 可以 全方位的使用隱碼攻擊 .
而 register_globalls 關閉的話 它會讓 egps 變成 全域變數 , 這表示 使用者可以任意的假造變數增加 系統更高的安全風險.
而 $HTTP_GET_VARS[""] 則是 開 啟 track_vars 則 egps 變數 就可以給 $HTTP_GET_VARS[""]使用
If enabled, then Environment, GET, POST, Cookie, and Server variables can be found in the global associative arrays $_ENV, $_GET, $_POST, $_COOKIE, and $_SERVER.
Note that as of PHP 4.0.3, track_vars is always turned on.
# 文章出處 :
#################################################
這是 php 的一項很致命傷的漏洞 初學php的人 必需先建立好這個關念 不然很容易讓自己寫好的系統被攻擊. ...
替大家做個解說好了 : [@more@] In PHP 4.2.0 and later, the default value for the PHP directive register_globals is off. This is a major change in PHP. Having register_globals off affects the set of predefined variables available in the global scope. For example, to get DOCUMENT_ROOT you'll use $_SERVER['DOCUMENT_ROOT'] instead of $DOCUMENT_ROOT, or $_GET['id'] from the URL instead of $id, or $_ENV['HOME'] instead of $HOME.
From version 4.1.0 onward, PHP provides an additional set of predefined arrays containing variables from the web server (if applicable), the environment, and user input. These new arrays are rather special in that they are automatically global--i.e., automatically available in every scope. For this reason, they are often known as 'autoglobals' or 'superglobals'. (There is no mechanism in PHP for user-defined superglobals.) The superglobals are listed below; however, for a listing of their contents and further discussion on PHP predefined variables and their natures, please see the section Reserved Predefined Variables. Also, you'll notice how the older predefined variables ($HTTP_*_VARS) still exist. As of PHP 5.0.0, the long PHP predefined variable arrays may be disabled with the register_long_arrays directive.
大家可以找一下 php.in :
variables_order = "EGPCS"
Set the order of the EGPCS (Environment, GET, POST, Cookie, Server) variable parsing. The default setting of this directive is "EGPCS". Setting this to "GP", for example, will cause PHP to completely ignore environment variables, cookies and server variables, and to overwrite any GET method variables with POST-method variables of the same name.
什麼是 EGPS 呢 :
這個設定是用來控制 post get cooie 伺服器變數 等環境變數 讓 php 以順序的方式來定義它們 .
而 PCS 呢 :
則是 後來的環境變數可以蓋過之前的變數 .
哈... 大家聽完有點亂亂的吧 .
簡單來說就是 pcs 會造成 假設第一個post 進來的 變數值 可以 蓋過 get 的變數值
換言之 第一個是 get 時 那 第二個 post 也可以取代掉它 .
嘿嘿 ,, 這樣的話 我就可以 用 sql injection 來攻擊系統 比起 egps 的方式用 可以 全方位的使用隱碼攻擊 .
而 register_globalls 關閉的話 它會讓 egps 變成 全域變數 , 這表示 使用者可以任意的假造變數增加 系統更高的安全風險.
而 $HTTP_GET_VARS[""] 則是 開 啟 track_vars 則 egps 變數 就可以給 $HTTP_GET_VARS[""]使用
If enabled, then Environment, GET, POST, Cookie, and Server variables can be found in the global associative arrays $_ENV, $_GET, $_POST, $_COOKIE, and $_SERVER.
Note that as of PHP 4.0.3, track_vars is always turned on.
來自 “ ITPUB部落格 ” ,連結:http://blog.itpub.net/786540/viewspace-926536/,如需轉載,請註明出處,否則將追究法律責任。
相關文章
- PHP 規範程式設計 register_globals 配置項PHP程式設計
- http協議/cookie詳解/session詳解HTTP協議CookieSession
- Lombok 註解詳解Lombok
- Java註解詳解Java
- Java 註解詳解Java
- Java註解最全詳解(超級詳細)Java
- HiveQL詳解Hive
- 詳解Inode
- Vuex詳解Vue
- PWA詳解
- 詳解CountDownLatchCountDownLatch
- DiffUtil詳解
- iptables詳解
- TCP詳解TCP
- CDN詳解
- Typescript詳解TypeScript
- Mybatis詳解MyBatis
- Synchronized詳解synchronized
- TLS 詳解TLS
- 詳解bind
- 詳解GOPATHGo
- HTTP 詳解HTTP
- JavaScript this詳解JavaScript
- BT詳解
- nginx 詳解Nginx
- @autowired詳解
- ECharts 詳解Echarts
- DiskBasedCache詳解
- JavaWeb詳解JavaWeb
- IndexedDB詳解Index
- BART詳解
- JDBC詳解JDBC
- Pod詳解
- HugePages詳解
- Service詳解
- Weakmap詳解
- dcokerfile 詳解
- Git詳解Git