Community Learn Tools Library Leisure

English

Home > Backend Development > PHP Tutorial > Arbitrary file execution vulnerability in PHP under Windows_PHP Tutorial

Arbitrary file execution vulnerability in PHP under Windows_PHP Tutorial

WBOY

Release： 2016-07-21 16:07:42

Original

960 people have browsed it

Affected systems:
PHP version 4.1.1 under Windows
PHP version 4.0.4 under Windows

Vulnerability description:
🎜>In PHP under Windows, through PHP.EXE, an attacker can make any file appear as a php file, even if the file extension is not php. For example, upload a file, but the extension is mp3, txt, or gif, etc., and then ask PHP to execute it.
　For example:
Upload a gif file, but it is actually a php script file. The content of the file is as follows:
#------------
phpinfo();
?>
#------------

Then the attacker uses PHP Go to execution:
http://www.example.com/php/php.exe/UPLOAD_DIRECTORY/huh.gif

Related labels：

php windows Down Influence implement document loopholes of system

source：php.cn

Previous article：Implementation of infinite level menu_PHP tutorial Next article：How to filter and highlight illegal characters_PHP Tutorial

Statement of this Website

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Latest Articles by Author

What is a NullPointerException, and how do I fix it?

2024-10-22 09:46:29
From Novice to Coder: Your Journey Begins with C Fundamentals

2024-10-13 13:53:41
Unlocking Web Development with PHP: A Beginner's Guide

2024-10-12 12:15:51
Demystifying C: A Clear and Simple Path for New Programmers

2024-10-11 22:47:31
Unlock Your Coding Potential: C Programming for Absolute Beginners

2024-10-11 19:36:51
Unleash Your Inner Programmer: C for Absolute Beginners

2024-10-11 15:50:41
Automate Your Life with C: Scripts and Tools for Beginners

2024-10-11 15:07:41
PHP Made Easy: Your First Steps in Web Development

2024-10-11 14:21:21
Build Anything with Python: A Beginner's Guide to Unleashing Your Creativity

2024-10-11 12:59:11
The Key to Coding: Unlocking the Power of Python for Beginners

2024-10-11 12:17:31

Latest Issues

Compare Imagick, Adobe Photoshop and Windows - Detect resolution (pixels per centimeter or pixels per inch) This is not a question but an attempt to improve my understanding of how DPI is stored in ...

From 2024-04-06 16:01:27

0

1

397

Use locally installed libraries in website pages Is it possible to use libraries (.dll, .ocx) written for Windows operating systems and reg...

From 2024-04-05 00:15:49

0

1

3563

Authserver "Unable to connect" "Host xxxxx is not authorized" after changing the LAN installation IP Use the default Windows installation instructions on a bare metal Windows 10 installation....

From 2024-04-04 15:06:41

0

1

374

/bin/sh: 1: C:xamppphpphp.exe: not found I'm using WSL2, Ubuntu20.04 and running VSCode. I'm using the CodeRunner extension in VSCo...

From 2024-03-31 09:10:37

0

1

333

Related Topics

More>

Popular Recommendations

Popular Tutorials

More>

Related Tutorials

Popular Recommendations

Latest courses

Latest Downloads

More>

Web Effects

Website Source Code

Website Materials

Front End Template