PREFACE

With the advance of information technology and computer networking, the Internet keeps growing richer and more diverse. Online services have reached into almost every area of social life. Information on the Internet is equally varied in content and form, and much of it needs stronger protection because of its economic value, accuracy and reliability. At the same time, attacks on networks have become more sophisticated and complex. For every system, therefore, the security task assigned to the network administrator is both important and necessary.

Starting from these facts, we will look at the most common attack methods in use today and the defenses against them. By studying a number of attack methods and the corresponding protections, I hope to make a small contribution to the study and understanding of network security issues, in support of learning and research.

I sincerely thank Mr. Dang Ngoc Cuong, who directly supervised my specialization project and helped me complete it.

1. Reason for choosing the topic

In recent years Vietnam has been developing steadily, above all in information technology and especially in web applications; almost everyone has heard of and worked with web applications. Websites have become common and an important part of people's lives, particularly for businesses and companies. Alongside this, keeping web applications secure remains a difficult problem for everyone. We will therefore study web applications, how they are attacked, and how they are secured.

2. Project objectives

To help us better understand website applications and the information-security threats we face when working with web applications every day, and to understand web attack and defense techniques more clearly.

3. Scope

To study the most common attack techniques in use today, such as SQL Injection, Denial Of Service, Local Attack, ..., and to give a general overview of how to secure and defend against these common attacks.

WEB SERVER ATTACK AND DEFENSE METHODS
NGUYEN VUONG NGHI

TABLE OF CONTENTS

CHAPTER 1. OVERVIEW OF WEBSITES, WEBSITE SERVICES AND COMMON SECURITY FLAWS
  1.1. Description of a website and how it works
  1.2. Web-based services and applications
CHAPTER 2. COMMON WEB APPLICATION ATTACKS AND DEFENSES
  2.1. LOCAL ATTACK
    2.1.1. Understanding Local Attack
    2.1.2. How a Local Attack is carried out
    2.1.3. Securing against Local Attack
    2.1.4. Supporting tools
  2.2. Denial of Service attacks
    2.2.1. DoS (Denial Of Service)
    2.2.2. DDoS (Distributed Denial of Service)
    2.2.3. DRDoS (Distributed Reflection Denial of Service)
  2.3. SQL Injection
    2.3.1. SQL injection attacks
    2.3.2. Preventing SQL Injection
  2.4. Cross Site Scripting (XSS)
    2.4.1. XSS attacks
    2.4.2. Prevention
CHAPTER 3. DEMO, EVALUATION AND FUTURE DEVELOPMENT OF THE TOPIC
  3.1. Demo
  3.2. Conclusion
    3.2.1. Results achieved
    3.2.2. Limitations
    3.2.3. Future development of the topic
SUPERVISOR'S COMMENTS
REVIEWER'S COMMENTS

CHAPTER 1
OVERVIEW OF WEBSITES, WEBSITE SERVICES AND COMMON SECURITY FLAWS

1.1. Description of a website and how it works

A website is a "web page" on the Internet: a place that presents information and images about a business and its products and services (or any other information) so that customers can access it from anywhere, at any time. A website is a collection of many pages [web page].
When a business builds a website, it is building a set of information pages, product catalogs, service descriptions and so on. Creating a website requires three basic elements:
- A domain name (domain).
- A place to store the website (hosting).
- The content of the information pages [web page].

Some basic terms:

Dynamic website: a website that has a database and is supplied with a website management tool (Admin Tool). Its distinguishing features are flexibility, the ability to update information regularly, and easy management of the site's components. Sites of this kind are usually written in programming languages such as PHP, Asp.net, JSP, Perl, ..., with the database administered through SQL or MySQL.

Static website: a website programmed in HTML page by page, like a brochure, with no database and no tool for managing the information on the site. Static websites are usually designed with software such as FrontPage or Dreamweaver. Their content rarely changes, and when it does the change usually involves editing the accompanying text that presents the content.

Today almost all businesses use dynamic websites; the generation of website technology that people know is web 2.0.

- Domain name (domain): the domain name is the address of the website. On the Internet each address exists only once (that is, each domain name is unique). There are two kinds of domain name:
  + International domain names, of the form .com; .net; .org; .biz; .name ...
  + Vietnamese domain names, of the form .vn; .com.vn; .net.vn; .org.vn; .gov.vn; ...
- Website hosting: the website's data must be stored on a computer (a server) that is always running and connected to the Internet. One server can host many websites; if the server has a fault, for example it is switched off at some point, nobody can reach the websites hosted on it while the fault lasts.
- Depending on how much information it needs to store, a business can rent a suitable amount of space for its website [renting host capacity].
- Host capacity: the place where the website's data (images, information, ...) is stored; the usual units are Mb or Gb.
- Bandwidth, or transfer capacity: the total number of Mb of data uploaded to or downloaded from the server (download, upload) where the website is hosted; the usual unit is Mb/month.

1.2. Web-based services and applications

With today's technology a website is no longer just a news page serving simple articles. Applications written for the web are no longer called merely a part of a website; they are now called web-based software. A great deal of software runs on the web, such as Google word (word processing), Google spreadsheets (spreadsheets), Email, ...

Some advantages of software or applications that run on the web:
+ Everyone has a browser, and a browser is all you need to run the software.
+ The software is always up to date because it runs on the server.
+ Always available 24/7.
+ Easy to back up data regularly.
+ Accessible at any time and from anywhere, as long as you have a network connection.
+ Deployment cost is very low compared with desktop software.

Imagine you have sales-management or task-management software at your company. You are not always at the office; with web-based software you can log in to check and run things from anywhere, and all you need is a phone with a browser, such as an iPhone, rather than a computer.

CHAPTER 2
COMMON WEB APPLICATION ATTACKS AND DEFENSES

2.1. LOCAL ATTACK

2.1.1. Understanding Local Attack

- Local attack is one of the very common kinds of hack, and one that is not recommended. On an ordinary web server, when you register an account you are given an account on that server and a directory for managing your site, for example: tenserver/tentaikhoancuaban (server name / your account name). Another user likewise has an account such as: tenserver/taikhoan1. Suppose taikhoan1 is taken over by a hacker. The hacker can then use tricks, scripts and commands to reach the directory that holds your site, tenserver/tentaikhoancuaban. In the same way the hacker can attack other users' sites, obtain admin and database information and other confidential data, or insert malicious code into the index page of your site. This kind of attack is called a Local Attack.
- Most commonly, a Local Attack is used to read configuration information from the victim; the hacker then uses that configuration information, according to his aims, to damage the website.

2.1.2. How a Local Attack is carried out

- There are different ways to carry out a Local Attack, depending on the hacker's approach. Hackers usually use commands to attack the database.

2.1.2.1. Preparation

- First there must be a PHP/ASP/CGI backdoor on the server. There are many kinds of backdoor; the most common are phpRemoteView (usually called remview), R57Shell, CGITelnet, C99, ... The tools above are uploaded, usually shells such as R57, C99, ...
- One of these tools is uploaded to the host (shells such as R57, C99, ... are usually chosen because they are powerful and easy to use).
- There are several ways to obtain a host:
  + Buy a hosting account (hackers rarely do this, for many reasons; the basic one is that it costs money, and if the server's admin notices the uploaded shell the hosting account is deleted, ...). With this approach the shells should be deleted immediately after the Local Attack is finished.
  + Hack a vulnerable site and upload a shell (hackers usually use SQL Injection to hack a website, take over its admin account and upload shells), or exploit an inclusion flaw.
  + Search for backdoors (go to google.com and search for keywords such as <?phpRemoteView?>, r57Shell ...). Most shells found this way were used by other hackers and never removed; where possible, a different shell should be uploaded for one's own use.

2.1.2.2. Carrying out the attack

- Once preparation is complete, that is, a shell has been uploaded to some server, we start looking for websites on the same server as the shell. Hackers usually run a reverse IP lookup on the domain where the shell was uploaded to see the websites that share the server.
- After obtaining the list of websites, each one is checked in turn to see which is vulnerable and can be reached locally.

Commands commonly used in the shell for a Local Attack:

View the domain names on the same host:
    ls -la /etc/valiases
    cd /etc/vdomainaliases;ls -lia
- In the special case where the users on the same host cannot be listed, add &&:
    cd /etc/vdomainaliases && ls -lia
- To find user names, use:
    cat /etc/passwd
  or
    less /etc/passwd
+ Moving locally to the victim, that is, to another site. For example, if the shell is currently in /home/abcd/public_html/, we move across as follows:
    dir /home/<target user name>/public_html
- To find the name of the target user, we use a reverse IP lookup to obtain the list of users on the same server. To check whether a user exists, we open a web browser and enter: <server IP>/~<user name> (for example 203.166.222.121/~doanchuyennganh). If the browser shows the website's index page, the user exists.
+ View the content of a file:
    cat /home/<target user name>/public_html/index.php
  Or, to view the configuration of a forum, use:
    ln -s /home/<target user name>/public_html/forum/includes/config.php doanchuyennganh.txt
  Here doanchuyennganh.txt is a file we create on our own host in order to view the other person's file. If the commands above cannot be used, the server has disabled that capability.

Some more Linux shell commands:
- pwd: prints the current working directory (for example: /etc/ssh).
- cd: changes directory (for example: cd .. goes up one level from the current directory; cd vidu enters the directory /vidu).
- ls: lists the contents of a directory.
- mkdir: creates a new directory (mkdir directory_name).
- touch: creates a new file (touch file_name).
- rmdir: removes a directory (rmdir directory_name).
- cp: copies a file or directory (cp source_file destination_file).
- mv: moves a file or directory; also used to rename a file or directory (mv old_location new_location, or mv old_name new_name).
- rm: removes a file (rm file_name).
- To search for files you can use find, which works on file names.
- grep: searches for content inside files.
To view a file you can use:
- more: shows the file page by page.
- cat: shows the whole file.
- To connect to a remote host, use the ssh command. The syntax is ssh <hostname>.

System management:
- ps: shows the programs currently running (very useful: ps gives an overview of all programs).
- In the list produced by ps you will see the PID (Process identification) number. This number is what you are asked for when you want to stop a service or application with the kill command.
- top: works much like Task Manager in Windows.
  It shows information about all system resources, the running processes, the load average and so on. The command top -d sets the refresh interval. You can set any value, from .1 (i.e. 10 milliseconds) to 100 (i.e. 100 seconds) or even more.
- uptime: shows how long the system has been up and the load average over that period, over the previous 5 and 15 minutes. The load average is normally calculated as the percentage of system resources (processor, RAM, disk I/O, network load) in use at a given moment. If the value is 0.37, 37% of the resources are in use. A larger value such as 2.35 means the system has to wait for some data; it would have to compute 235% faster to handle it without problems. This can differ slightly between distributions.
- free: shows information about system memory.
- ifconfig: shows detailed information about the network interfaces; an Ethernet interface is usually named eth0. You can also configure network settings such as the IP address with this command (see man ifconfig). If something is not right, you can stop or start the interface with ifconfig up/down.
- passwd: lets you change a password (passwd user_who_owns_the_password, or another user's name if you are logged in as root).
- useradd: lets you add a new user (see man useradd).

On any distribution you can use the TAB key to auto-complete a command or file name, which is very useful once you are familiar with the commands. You can also use the up and down arrow keys to scroll through the commands you have entered. You can put several commands on one line. For example, to create three directories on a single line the syntax could be: mkdir directory_1 ; mkdir directory_2 ; mkdir directory_3. Another interesting feature is piped commands.
You can send the output of one command through another. For example, man mkdir | tail prints the last lines of the manual page for the mkdir command.

If at some point you are required to log in with the root account (the system's "super" admin), you can do so temporarily with the su command. The -l option (su -l) changes the home directory and the environment for the commands in use. Note that you will also be prompted for a password. To exit or close the session, type exit or logout.

2.1.3. Securing against Local Attack

To limit Local Attack, we should set permissions (chmod) in the file manager, move the config.php file, modify the .htaccess file and, above all, back up data regularly.

- Chmod in the File Manager:
  + CHMOD the Public_html directory to 710 instead of the default 750; this helps protect the structure of your website.
  + Next CHMOD the subdirectories, for example diendan (http://diendan.doanchuyennganh.com): CHMOD the diendan directory to 701, then CHMOD the subdirectories inside diendan to 701.
  + CHMOD all files to 404.

  With these CHMOD settings, running a shell is certain to produce the error message:

    Not Acceptable
    An appropriate representation of the requested resource /test.php could not be found on this server.
    Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

  The attacker will not be able to view anything.

- In addition, some sites are accessed through their subdomain rather than in the form doanchuyenganh.com/diendan (http://diendan.doanchuyennganh.com). This matters in several ways, but for security it makes a big difference.
  + CHMOD directories to 701 and try never to CHMOD 777. For a few unimportant folders you can CHMOD 755 so that some of the content in the folder is displayed correctly and completely.
    Note: some servers support CHMOD 101 on directories. If your server supports this, use it, because this CHMOD setting is very safe: even the owner cannot see the folder structure, not even over FTP. At present only the Eshockhost.net server supports this.
  + CHMOD files to 604 and never leave them at 666. If something needs 666, CHMOD temporarily for that moment and CHMOD back immediately afterwards. On servers that support CHMOD 404 for files, use that setting, for example the Eshockhost.net server.
- Change the structure and the default names of files that contain important information. If possible, also change the structure of the database, if you are able to.
- Preventing local attacks by enabling safe mode (for root): as we know, the PHP configuration has options that restrict what PHP webshells can do (especially r57, which bypasses automatically), so the first job for root accounts is to update to the latest PHP version and reconfigure php.ini.

  PHP safe mode is a method for solving the security problem where a server shares hosting among many accounts (shared server). Trying to solve this problem at the PHP level is architecturally incorrect.
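Added example (not part of the original document): a Python audit of a shared-hosting web root against the permission scheme recommended in section 2.1.3 (710 on public_html, 701 on subdirectories, 604 or 404 on files, nothing world-writable). It also reports symbolic links that resolve outside the account's tree, which is the trace left by the ln -s technique described in 2.1.2.2; the function names and the sample tree are assumptions made for this example.

```python
import os
import stat
import tempfile

# Modes recommended in section 2.1.3 of the text.
TOP_DIR_MODE = 0o710          # public_html itself
SUBDIR_MODE = 0o701           # every directory below it
FILE_MODES = {0o604, 0o404}   # regular files


def audit_tree(root):
    """Return sorted (relative_path, finding) pairs for entries that deviate."""
    root = os.path.realpath(root)
    findings = []

    def check(path):
        rel = os.path.relpath(path, root)
        st = os.lstat(path)                      # lstat: do not follow links
        mode = stat.S_IMODE(st.st_mode)
        if stat.S_ISLNK(st.st_mode):
            target = os.path.realpath(path)
            if os.path.commonpath([root, target]) != root:
                findings.append((rel, "symlink points outside the tree"))
        elif mode & stat.S_IWOTH:                # covers 777 and 666
            findings.append((rel, "world-writable (%03o)" % mode))
        elif stat.S_ISDIR(st.st_mode):
            want = TOP_DIR_MODE if path == root else SUBDIR_MODE
            if mode != want:
                findings.append((rel, "directory is %03o, expected %03o" % (mode, want)))
        elif mode not in FILE_MODES:
            findings.append((rel, "file is %03o, expected 604 or 404" % mode))

    check(root)
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            check(os.path.join(dirpath, name))
    return sorted(findings)


def build_sample(base):
    """Create a constructed sample tree; all names are made up for the example."""
    root = os.path.join(base, "public_html")
    forum = os.path.join(root, "forum")
    os.makedirs(os.path.join(forum, "uploads"))
    modes = {"index.php": 0o604, "forum/view.php": 0o404, "forum/config.php": 0o666}
    for rel, mode in modes.items():
        path = os.path.join(root, rel)
        open(path, "w").close()
        os.chmod(path, mode)
    os.symlink("/etc/passwd", os.path.join(forum, "x.txt"))  # link leaving the tree
    os.chmod(os.path.join(forum, "uploads"), 0o777)
    os.chmod(forum, 0o755)
    os.chmod(root, 0o710)
    return root


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        print(*audit_tree(build_sample(tmp)), sep="\n")
```

On a real host, point audit_tree at the account's public_html directory and run it as the account owner.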
Today many people, especially ISPs, have chosen to enable safe mode as a security measure.

- Configuration directives for Security and Safe Mode:

    Directive                      Default             Changeable
    safe_mode                      "0"                 PHP_INI_SYSTEM
    safe_mode_gid                  "0"                 PHP_INI_SYSTEM
    safe_mode_include_dir          NULL                PHP_INI_SYSTEM
    safe_mode_exec_dir             ""                  PHP_INI_SYSTEM
    safe_mode_allowed_env_vars     "PHP_"              PHP_INI_SYSTEM
    safe_mode_protected_env_vars   "LD_LIBRARY_PATH"   PHP_INI_SYSTEM
    open_basedir                   NULL                PHP_INI_SYSTEM
    disable_functions              ""                  php.ini only
    disable_classes                ""                  php.ini only

- The server configuration is adjusted as follows to enable safe mode. In the php.ini file, change
    safe_mode = Off
  to
    safe_mode = On
- disable_functions should contain the following functions:
    readfile, system, exec, shell_exec, passthru, pcntl_exec, putenv, proc_close, proc_get_status, proc_nice, proc_open, proc_terminate, popen, pclose, set_time_limit, escapeshellcmd, escapeshellarg, dl, curl_exec, parse_ini_file, show_source, ini_alter, virtual, openlog
- Then, as an example:
    1 doanchuyennganh doanchuyennganh 33 Jul 1 19:20 script.php
    -rw-r--r-- 1 root root 1116 May 26 18:01 /etc/passwd
- In script.php is the PHP code
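Added example, not from the original document and not the script.php listing referred to above: a Python check of a php.ini file against the settings discussed in this section. The function names and the sample php.ini are constructed for the example; it also reports safe_mode on PHP 5.4.0 and later, where that directive was removed, so open_basedir and disable_functions are the settings from this list that still apply.

```python
# Functions the text says disable_functions should contain.
PAGE_DISABLE_LIST = [
    "readfile", "system", "exec", "shell_exec", "passthru", "pcntl_exec",
    "putenv", "proc_close", "proc_get_status", "proc_nice", "proc_open",
    "proc_terminate", "popen", "pclose", "set_time_limit", "escapeshellcmd",
    "escapeshellarg", "dl", "curl_exec", "parse_ini_file", "show_source",
    "ini_alter", "virtual", "openlog",
]

# Constructed sample configuration, not taken from a real server.
SAMPLE_INI = """\
[PHP]
; shared-hosting settings
safe_mode = On
disabled_functions = system, exec
disable_functions = "system, exec, shell_exec, passthru, popen, proc_open"
open_basedir =
"""


def parse_ini(text):
    """Parse 'key = value' lines; the last assignment of a key is kept.
    Simplification: a ';' always starts a comment, even inside quotes."""
    settings = {}
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()
        if not line or line.startswith("[") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        settings[key.strip()] = value.strip().strip('"')
    return settings


def audit_php_ini(text, php_version):
    """Return a list of findings; php_version is a tuple such as (7, 4)."""
    ini = parse_ini(text)
    findings = []
    disabled = {f.strip() for f in ini.get("disable_functions", "").split(",")}
    missing = [f for f in PAGE_DISABLE_LIST if f not in disabled]
    if missing:
        findings.append("disable_functions is missing: " + ", ".join(missing))
    if "disabled_functions" in ini:   # misspelled key, not a PHP directive
        findings.append("'disabled_functions' is not a directive; use disable_functions")
    if not ini.get("open_basedir"):
        findings.append("open_basedir is not set")
    safe_on = ini.get("safe_mode", "0").lower() in ("1", "on", "true", "yes")
    if php_version >= (5, 4):
        if "safe_mode" in ini:
            findings.append("safe_mode was removed in PHP 5.4.0 and gives no protection")
    elif not safe_on:
        findings.append("safe_mode is Off")
    return findings


if __name__ == "__main__":
    for finding in audit_php_ini(SAMPLE_INI, (7, 4)):
        print(finding)
```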
