php中allow_url_include的应用分析

3. // Insecure Include

4. // The following Include statement will
5. // include and execute everything POSTed
6. // to the server

7. include "php://input";

8. ?>

例2: Use data: to Include arbitrary code

3. // Insecure Include

4. // The following Include statement will
5. // include and execute the base64 encoded
6. // payload. Here this is just phpinfo()

7. include "data:;base64,PD9waHAgcGhwaW5mbygpOz8+";

8. ?>

把这些放到运算里将会发现既不是url_allow_fopen也不是url_allor_include 被保障。 只是因为过滤器很少对矢量进行过滤。如果要完全解决这个URL include vulnerabilities的方法则需要应用Suhosin扩展。