Community Learn Tools Library Leisure

English

Home > Backend Development > PHP Tutorial > 关于php漏洞

关于php漏洞

WBOY

Release： 2016-06-23 14:33:11

Original

838 people have browsed it

对于字符型注入是php比较麻烦的问题。因为safe_mode为On的时候会过滤'为\'

众所周知，\的编码是%5c

如果前面加个%d5的话，就和%5c构成一个汉字：诚

这样就可以很好的进入查询系统：

%d5%5c

注入形式为：

target.php?name=aa

测试：

target.php?name=aa%d5'

Related labels：

关于php漏洞

source：php.cn

Previous article：PHP die(message) 函数 Next article：PDT + Xdebug 调试 PHP

Statement of this Website

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Latest Articles by Author

What is a NullPointerException, and how do I fix it?

2024-10-22 09:46:29
From Novice to Coder: Your Journey Begins with C Fundamentals

2024-10-13 13:53:41
Unlocking Web Development with PHP: A Beginner's Guide

2024-10-12 12:15:51
Demystifying C: A Clear and Simple Path for New Programmers

2024-10-11 22:47:31
Unlock Your Coding Potential: C Programming for Absolute Beginners

2024-10-11 19:36:51
Unleash Your Inner Programmer: C for Absolute Beginners

2024-10-11 15:50:41
Automate Your Life with C: Scripts and Tools for Beginners

2024-10-11 15:07:41
PHP Made Easy: Your First Steps in Web Development

2024-10-11 14:21:21
Build Anything with Python: A Beginner's Guide to Unleashing Your Creativity

2024-10-11 12:59:11
The Key to Coding: Unlocking the Power of Python for Beginners

2024-10-11 12:17:31

Latest Issues

Where should I place CustomLog directive in apache I'm using php:7.2-apachedocker. I need to disable health check url login access log. Based...

From 2024-04-06 22:03:59

0

1

990

Related Topics

More>

Popular Recommendations

Popular Tutorials

More>

Related Tutorials

Popular Recommendations

Latest courses

Latest Downloads

More>

Web Effects

Website Source Code

Website Materials

Front End Template