PHPÖ´ÐÐrootÃüÁî
ÔÚÍæC ÒÔǰ Íæ¹ýÒ»¶Îʱ¼äµÄPHP, ÄĸöʱºòÐèÒªÓÃPHP À´ÔËÐÐrootÃüÁî,һֱδ¹û,Ö±µ½ÓÐÒ»ÌìËÑË÷µ½ÁËsuperÕâ¸ö²å¼þ.
Ëæ×ÅÍæCµÄÈÕ×Ó¶àÁË.·¢ÏÖ¿ÉÒÔÓÃCÓïÑÔÀ´°ü¹ü ÒªÔËÐеÄÍⲿÃüÁî. ʵÑéÁËÒ»ÏÂ.³É¹¦ÁË.
²»ÐèÒªÈκÎÍⲿ¹¤¾ß¾Í¿ÉÒÔʵÏÖÓÃPHP Ö´ÐÐrootÃüÁî.
ÎÒÏÂÃæ¾Í°Ñ·½·¨·¢²¼¸ø´ó¼Ò,ÓÐÐèÇóÓÃphpÀ´ÔËÐÐrootÃüÁîµÄÅóÓÑ¿ÉÒÔ²»Ó÷¢³îÁË.
ƽ̨:Linux. ʵÑéÃüÁîiptables µ±Ç°µÄĿ¼ÊÇ/var/www/html/http
д³ÌÐòµÄʱºò ÓÃrootÓû§
´ó¼Ò¶¼ÖªµÀiptables ·ÇrootÓû§²»ÄÜÔËÐÐ.
Ê×ÏÈд¸öC³ÌÐò
ÃüÃûΪ:ipt.c
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>
int main()
{
uid_t uid ,euid;
char cmd[1024];
uid = getuid() ;
euid = geteuid();
printf("my uid :%u\n",getuid()); //ÕâÀïÏÔʾµÄÊǵ±Ç°µÄuid ¿ÉÒÔ×¢Ê͵ô.
printf("my euid :%u\n",geteuid()); //ÕâÀïÏÔʾµÄÊǵ±Ç°µÄeuid
if(setreuid(euid, uid)) //½»»»
ÕâÁ½¸öid
perror("setreuid");
printf("after setreuid uid :%u\n",getuid());
printf("afer sertreuid euid :%u\n",geteuid());
system("/sbin/iptables -L"); //Ö´ÐÐiptables -LÃüÁî
return 0;
}
[/CODE]
±àÒë¸ÃÎļþ gcc -o ipt -Wall ipt.c
Ôڸ÷¾¶ÏÂÉú³Éipt Õâ¸ö¿ÉÖ´ÐÐÎļþ.
Èç¹ûÏÖÔÚÓÃPHPÍøÒ³µ÷Óà ¸ÃiptµÄ»°,¼´Ê¹setreuidÁË Ò²ÊDz»ÐеÄ.
½ÓÏÂÀ´Òª×öµÄÊÇchmod u+s ./ipt
ls Ò»ÏÂ
-rwsr-xr-x 1 root root 5382&nb
Ïà¹ØÎĵµ£º
0¡¢Óõ¥ÒýºÅ´úÌæË«ÒýºÅÀ´°üº¬×Ö·û´®£¬ÕâÑù×ö»á¸ü¿ìһЩ¡£ÒòΪPHP»áÔÚË«ÒýºÅ°üΧµÄ×Ö·û´®ÖÐËÑѰ±äÁ¿£¬µ¥ÒýºÅÔò²»»á£¬×¢Ò⣺ֻÓÐechoÄÜÕâô×ö£¬ËüÊÇÒ»ÖÖ¿ÉÒ԰Ѷà¸ö×Ö·û´®µ±×÷²ÎÊýµÄ“º¯Êý”£¨Òë×¢£ºPHPÊÖ²áÖÐ˵echoÊÇÓïÑԽṹ£¬²»ÊÇÕæÕýµÄº¯Êý£¬¹Ê°Ñº¯Êý¼ÓÉÏÁËË«ÒýºÅ£©¡£
1¡¢Èç¹ûÄܽ«ÀàµÄ·½·¨¶¨Òå³Éstatic ......
Ò»¡¢¹æ·¶Ç°ÑÔÆª
±ê×¼»¯²»ÊÇÌØÊâµÄ¸öÈË·ç¸ñ£¬ËüÈóÌÐòÔ±¿ÉÒÔÁ˽âÈκδúÂ룬ŪÇå³ÌÐòµÄ×´¿ö£»ÐÂÈË¿É
ÒԺܿìµÄÊÊÓ¦»·¾³£»·ÀֹнӴ¥phpµÄÈËÒ»´Î´ÎµÄ·¸Í¬ÑùµÄ´íÎó£»ÔÚÒ»ÖµĿª·¢»·¾³Ï£¬
¿ÉÒÔ¼õÉÙÈËÃÇ·¸´íµÄ»ú»á¡£±¾¹æ·¶µÄ±ê×¼ÔÚ¾ø¶Ô¶àÊýÓ¦ÓÃÉÏΪ·ÂÕÕjava¼¼ÊõÌåϵ£¬ÒòΪ
java¼¼ÊõÌåϵÒÔÆäÖÚ¶à³É¹¦µÄ°¸Àý³ÉΪ´ó²¿·Ö¼ÆËã»úÓ¦Ó ......
PHP ×Ô¶¨Ò庯ÊýʵÏÖϵͳº¯Êý¹¦ÄÜ
×ÜÊÇÓñðÈËдºÃµÄº¯Êý ÊDz»ÊǾõµÃ²»Ë¬?ºÃ,ÏÂÃæ¸ú×ÅÎÒÀ´Ð´°É~~ÒÔÏ´úÂëÈ«²¿ÓÉ×Ô¼º±àд,¾øÎ޳Ϯ֮ÏÓ~~ÏÖÌùÉÏ,½ö¹©²Î¿¼.(¿ÉÄÜÓÐЩ¹¦ÄÜûÓÐдȫ)
˵Ã÷Ò»ÏÂ,дϵͳº¯ÊýÔÙÄÃÀ´Ê¹ÓÃȷʵºÜ´À,µ«Ö»ÊÇ×÷ΪÁ·Ï°,»¹ÓÐ,ÔÚÃæÊÔʱȷʵÊÇËã·¨¿¼µÃ¶à,ÍøÉÏÕÒÀ´µÄÃæÊÔÌâÒ²´ó¶¼Òª¿¿Ëã·¨\Óï·¨ÊìÁ·²ÅÄÜ ......
¡¡
¡¡PHP Ö§³Öcurlº¯Êý(ÔÊÐíÄãÓò»Í¬µÄÐÒéÁ¬½ÓºÍ¹µÍ¨²»Í¬µÄ·þÎñÆ÷). curl
ÊÇʹÓÃURLÓï·¨µÄ´«ËÍÎļþ¹¤¾ß£¬Ö§³ÖFTP¡¢FTPS¡¢HTTP HTPPS SCP SFTP TFTP TELNET DICT
FILEºÍLDAP¡£curl Ö§³ÖSSLÖ¤Êé¡¢HTTP POST¡¢HTTP PUT ¡¢FTP
ÉÏ´«£¬kerberos¡¢»ùÓÚHTT¸ñʽµÄÉÏ´«¡¢´úÀí¡¢cookie¡¢Óû§£«¿ÚÁîÖ¤Ã÷¡¢Îļþ´«Ëͻָ´¡¢http´úÀí ......
»ù±¾¸ÅÄî
PHP ÖеÄÊý×éʵ¼ÊÉÏÊÇÒ»¸öÓÐÐòͼ¡£Í¼ÊÇÒ»ÖÖ°Ñ values Ó³Éäµ½ keys µÄÀàÐÍ¡£Òò´Ë¼È¿ÉÒÔ°ÑphpµÄÊý×éµ±×öÆÕͨÊý×éʹÓã¬Ò²¿ÉÒÔÓÃËüÀ´Ä£Äâ×ֵ䡢¼¯ºÏ¡¢Õ»¡¢¶ÓÁС¢Ê÷µÈ¶àÖÖÆäËûÊý¾Ý½á¹¹¡£
Êý×éµÄ´´½¨£º
´´½¨Êý×éµÄÒ»°ã¸ñʽΪ£º$arrName = array( [key =>]value, ...)£¬ÆäÖÐkey ¿ÉÒÔÊÇ integer »òÕß string£¬¶øval ......