LOI MO DAU
Cang v6i su phat trién cia cng nghé théng tin, cong nghé mang may tinh va swe
phat trién cia mang intemet ngay cing phat trién da dang va phong phi. Céc dich vy
trén mang da tham nh§p vao hau hét cde linh vuc trong ddi séng xa hoi. Cac thong tin
tren Intemet cing da dang vé n6i dung vi hinh thite, trong d6 e6 rit nhigw thdng tin
dn duge bdo mft cto hon bai tinh kinh té, tinh chinh xéc va tink tin e@y eta né.
Ben canh 6, céc hinh thire pha hoai mang eiing tre nén tinh vi va phite tap hon. Do
46 di véi mdi hé théng, nhiém vy bio mét duge dat ra cho ngudi quan tri mang la hét
site quan trong va can thiét. Xuat phat tir nhing thye té dé, chiing ta sé tim hiéu vé cic
cach tn cong phd bién nhdt hign nay va cde phong chéng cae logi tin cong nay.
Chinh vi vay, thng qua vige nghién etm m@t sé phuong phép tin edng va edch bao
mat cae loa tén cng nay,t6i mong muén gép mot phan nho vao vige nghién ciru vi
hiéu vé cdc van dé an ninh mang gitip cho vige hoc tép va nghién etru,
‘Toi xin chan thanh cm on sur hudng dn cia Thay Dang Ngoc Cuong la thay true
tip huéng dan dé dn chuyén nganh cho t6i, gidip ti c6 thé hoan thanh 46 an nay.
1. Ly do chon dé tai
Trong nhiing nam gin das
. Vigt Nam ngdy cing phit srién va ahdt li vé mat cng
nghé thong tin, Bac bigt Ia vé img dung web, hiu nhu moi ngudsi ai cing timg nghe va
Jam vige trén tmg dung web, Website tro nén phd bién va tro thanh mot phan quan.
trong ciia moi ngui va nhit fede doanh nghigp, cong ty. Ben canh dé IY do an ton
bao mét cho img dung web Indn la vin dé nan gidi cba moi nguéi.Vi vay ching ta s8
di tim hiéu tg dung web va cach thire tn cdng va bao mat web.
2. Mye tigu
an dé
Giap ching ta c6 thé hiéu hon vé cae ing dung website, cic méi de doa vé
an ton thong tin khi ching ta kim vige trén img dung web hang ngiy, hiéu ro hon v8
céc ky thudt tin céng va bio mat web.
3. Pham vi
Tim higu céc ky thudt tin cong phd bién nhat hign nay nhu SQL Injection, Denial
én tren
Of Service, Local Attack,...Cich bao mat, phong tha céc loai tn cong phé
mot cach tng quan nhatCAC PHU'ONG THUC TAN CONG & PHONG THU WEB SERVER,
MUC LUC
CHUONG 1 4
TONG QUAN VE WEBSITE, CAC DICH VU CUA WEBSITE VA LOI BAO MAT
THONG DUNG so 4
1.1. M6 ta Website va each hoat dong. 4
1.2. Cée dich vu va ting dung trén nén web 5
CHUONG 2. 6
CAC LOAI TAN CONG VA BAO MAT UNG DUNG WEB PHO BIEN 6
2.1, LOCAL ATTACK 6
2.1.1. Tim hiéu vé Local Attack 6
2.1.2. Céch tin céng Local Attack 8
2.1.3. Céch bio mat cho Local Attack 10
2.4, Cie e6ng cu hd tro . wl
2.2. Tan cng tir chéi dich vu - (Denial Of Service) 15
2.2.1, DOS(Denial Of Service) 15
2.2.2, Ddos(Distributed Denial of Service) ....ennansnnnnnnansen ene
2.2.3. Tan c6ng tr chéi dich vu phan xa nhiéu ving DRDOS (Di
Reflection Denial of Service) PEs Tei 80)
2.3. SQL Injection Cs Pt 8)
2.3.1. Tin céng SQL injection 132
2.3.2.Céich Phong Tran SQL Injection ..... At
2.4, Cross Site Scripting (XSS)... 46
2.4.1, Tan cong XSS PEE eet eee eee ee Ag
Phong chong. : : Ft : soonest 49
CHUONG 3. PEt ee tet ee beer oe ee
DEMO, DANH GIA VA HUONG PHAT TRIEN DE TAL 50
NGUYEN VUONG NGHI ‘Trang 2CAC PHU'ONG THUC TAN CONG & PHONG THU WEB SERVER,
3.1. Demo, 50
3.2. Két Iudin 51
3.2.1, Cée van dé dat duge 51
3.2.2. Han ché. 52
3.2.3, Hung phat trién dé tai 52
NHAN XET CUA GIANG VIEN HUONG DAN 54
NHAN XET CUA GIANG VIEN PHAN BIEN. 55
NGUYEN VUONG NGHI Trang 3CAC PHU'ONG THUC TAN CONG & PHONG THU WEB SERVER,
CHUONG 1
TONG QUAN VE WEBSITE, CAC DICH VU CUA WEBSITE VA LOI
BAO MAT THONG DUNG.
1.1. Mé ti Website va edich hoat dong
Website ki mot “trang web” trén mang Intemet, day 14 noi gidi thigu nhtng
thdng tin, hinh anh vé doanh nghigp vi sin phim, dich vy ea doanh nghigp (hay gigi
thigu bat cir thng tin gi) dé khach hang c6 thé truy cp o bat ky noi dau, bat cit lite
nio.
Website la tap hop nhiéu trang [web page]. Khi doanh nghigp xay dyng website
nghia la dang xy dyng nhiu trang thong tin, catalog sin phim, dich vy...Dé tao nén
mt website cin phai 06 3 yéu t6 co ban:
in phai ¢é tén mién (domain).
Noi hu trit website (hosting).
#Noi dung cae trang thong tin [web page}.
‘Mot s6 thuat ngit co ba:
Website dong (Dynamic website) la website ¢6 co sé dir ligu, duge cung cip
cong cu quan ly website (Admin Tool). Bac diém cia website déng li tinh linh hoat va
in tren website
6 thé cp nhat thong tin thurimg xuyén, quain I ede thin ph ding
Loai website nay thurdng duge viét bing cée ngén ngit lap trinh nhu PHP, Asp.net,
JSP, Perl. quai tr] Co $6 dt ligu bing SQL hoae MySQL.
Website tinh do lgp trinh bing ngon ngit HTML theo timg trang nhur brochure,
Khong c6 co si dit ligu va khong c6 cong cy quan ly thong tin trén website. Thong
thuémg website tinh duge thiét ké bing cée phn mém nhir FrontPage, Dreamwaver
Dac diém cua website tinh la it thay doi ndi dung, su thay doi ndi dung nay thuong
ign quan dén sv thay d6i cde van ban di kém thé hign noi dung trén d6,
Hign nay, hu hét céc doanh nghiép déu sir dung website dong, thé hé cong
nghé website duge mgi ngudi biét dén la web 2.0.
- Tén mién (domain): Tén mién chinh 1a dia chi website, én intemet chi tén tai duy
nihat mt dia chi (ite ttn tai duy nhaét mot tén min), C6 2 oat tén mi
= Tén mign Quée té la tén mién 6 dang com: net; org; biz; name
NGUYEN VUONG NGHI Trang 4CAC PHU'ONG THUC TAN CONG & PHONG THU WEB SERVER,
= Tén mign Vigt Nam: 1a tén min c6 dang .vn; .com.vn; net.vn; org.vn; .gov.vn;
~ Liru trir website: Di ligu thong tin cia website phai durge iru tr trén mOt may tinh
(may chit - server) luén hogt déng va két néi véi mang Intemet, Mot server ¢6 thé hint
trit nhidu website, néu server nay bj sy cb ching hgn tit trong mt thoi diém nao 46 thi
Ichéng ai 6 thé tray cap duge nhimg website luu trit trén server tai thoi diém bi sy c6.
~ Tay theo nhu edu lira tr thong tin ma doanh nghigp e6 thé thué dung lung thich
hop cho website [thué dung long host].
~ Dung lurgng host: La noi dé hu co s6 tri dit Tigu ciia website (hinh anh, théng tin
), don vi do dung long thurémg li Mb hode Gb.
~ Bang thong hay dung Inong dung truyén truyén: La ting sé Mb dit ligu tai lén may
chit hode tai vé tir may ch @ownload, upload) noi dgt website, don vj do thong
thudng Ia Mb/Thing.
1.2. Cae dich vy va tng dung trén nén web:
Voi cong nghé hign nay, website khOng chi don gin Li m@t trang tin cung cp
cée tin bai don gin, Nhting img dung viét «én nén web khong chi duge goi ki mot
phin cia website ntta, gid day ching durge goi 1a phn mém viét én nén web.
Cé rit nhiéu phdn mém chay trén nén web nhu Google word (xir ly van bin), Google
spreadsheets (xit ly bang tinh), Email ,.
‘M6t s6 wu diém ciia phan mém hay img dung chay trén nén web:
* — Moi ngudi déu c6 trinh duyét va ban chi can trinh duyét dé chay phin mém.
+ Phin mém fuén ludn duge cp nhgt vi ching chay trén server
+ Luén sin sing 2477
+ Di
ing backup dir ligu thurdmg xuyén
+ Co thé try edip moi ic, moi noi, mign li ban 68 mang
+ Chi phi trién khai cyte ré so vi phan mém chay trén desktop
Hay hinh dung ban c6 mot phan mém quan ly ban hang hay quan ly cing vige &
cong ty. Khong phai hic nao ban cing 6 cing ty, voi phn mém viét trén nén web, ban
6 thé vio kiém tra, digu hanh 6 bat it dau, thém chi ban chi cin mét chiée dign thoai
chay duge trinh duyét nhur IPhone ma khéng can dén mot chiée may tinh.
NGUYEN VUONG NGHI ‘Trang §CAC PHU'ONG THUC TAN CONG & PHONG THU WEB SERVER,
CHUONG 2
CAC LOAI TAN CONG VA BAO MAT UNG DUNG WEB PHO BIEN
2.4. LOCAL ATTACK
2.1.1. Tim higu vé Local Attack
= Local attack la m@t trong nhiing kiéu hack rét phd bidn va khéng durge khuyén
diing.Déi mot web server thong thurdmg Khi ban ding ky’ mt ti Khodn trén server mio
46 ban sé durge cp mot tai khoan trén server 46 va mot thu myc dé quan ly site cha
minh,
iu : tenserver/tentaikhoancuaban, Va nhwr viy cling e6 mét tai khoan cia
ngudi ding khde twong ty nhu : tenserver/taikhoan! Gia sir taikhoan! bj hacker chi
durge thi hacker c6 thé diing cae tha thusi,eaie doan scrip.cdc dogn ma Ignh dé truy cap
sang thir mye chita site etia ban li tenserver/taikhoancuaban, Va cting theo cach nay
hacker c6 thé tin cong sang cde site ca ngudi ding khdc va c6 thé lay thong tin
admin,database,cée thong tin bio mat khae hoc chén cdc doan ma dée vio trang index
cia site ban, Dang tn céng trén goi li Local Attack
= Thong thug mht, Local Attack durge sir dung dé doc ldy théng tin config tit
vietim, sau dé dya vao thong tin 6 config va myc dich cua hacker dé ph hoai website
2.1.2. Cich tén cng Local Attack
= Dé thy hign tin céng Local Attack, ty theo eich thite ca hacker ma c6 abiing
cach Local khae nhau, Thong thudng thi cae hacker thudng sit dung céc doan lénh dé
tin cong vao database.
2.1.2.1. Chuén bj
~ Trude tién phai c6 mét con PHP/ASPICGI backdoor trén server. Backdoor thi ¢6
rat nhidu loai khac hau nhung phd bién nhat li phpRemoteView (thing duge goi la
remview) R57Shell, CGITeInet,C99,...Tién hnh upload cae cong cu 6 trén len,
thudmg la cae con shell nhur RS7,C99,
- Upload mt trong nhing cong cu dé én host (Thurimg thi chiing ta sir dung ede con
shell R57,C99,... vind manh va d8 sir dung)
= Bé c6 host ching ta c6 nhidu cic
NGUYEN VUONG NGHI Trang 6CAC PHU'ONG THUC TAN CONG & PHONG THU WEB SERVER,
+ Mua mot edi host(edch nay hacker it sir dung vi nhidu ly do nhumg ly do co ban vin
14 ton tign ma Khi up shell 1én néu bj admin cia server phat hign sé bj del host,.. Véi
ich nay thi sau khi Local xong thi nén x6a ede con shell ngay lap tite.
+ Hack mét trang bj Ii va upload shell Ién (thurang thi hacker sit dyng SQL Injection
48 hack m@t trang web va chiém tai khodn admin cia trang web 46 va upload ede con
shell Ién)hode Khai thée I6i inclusion
+ Search backdoor (Vao google.com search keyword: <2phpRemoteView?> , r57Shell
+). Voi céch nay thi hau hét cdc con shell 1a cia céc hacker da sir dung va chwa bi xa,
néu duge thi ching ta nén upload cho ching ta mét con shell Khée
2.1.2.2.Tién hinh Attack
~ Sau khi ching ta chuan bj xong, tite la upload duge con shell Ién 1 server nio
446. Chiing ta bit diu tim cdc website cing server ma ban da up shell Ign, théng thug
cée hacker thudmg sit dung Reverse Ip domain ma hacker da upload shell dé xem ce
website cing server
~ Sau Khii tim duge danh sich website lin hugt check xem site nao bj Ibi va 66 thé
loci
sang durge
Pic Kénh thugng ding trong shell dé Local Attack
Xem tén domain trén ciing 1 host
Is -la fetc/valiases
ed /etcdomainaliases;ts tia
- Trung hep dic bigt khi khong thé xem user nim cing host thi ta thém && vio
ed /etchdomainaliases &é& ls lia
= Muén biét tén user thi ding Iénh
cat /ete/passwd/
Hoe
less /ete/passwd
+ local sang vietim, tir li local sang site Khéc
vi du hin tai con shell chiing ta dang &
‘Ahome/abed/public_htmi
thi ching ta s@ local sang nhu sau
NGUYEN VUONG NGHI ‘Trang 7CAC PHU'ONG THUC TAN CONG & PHONG THU WEB SERVER,
dir home/tén user edn local/public_html
- Mudn biét tén user can local sang thi chting ta sir dung Reverse Ip dé lay danh séch
user trén cing m6t server. Mudn biét user 46 cé ton tai hay khong ching ta mé trinh
duygt. web lén va dinh doan : Ip cila_ server/
ten user (Vi dy
203.166.222.121/-doanchuyennganh), Néu trinh duyét hign én trang index ciia
website thi tire ld user d6 tn tai
+Xem ndi dung cia file
cat /home/tén user can local/public_himl/index.php
Hoe
Ching ta muén xem config eta 1 forum thi ding
In-s (homettén user cén local/public_hemlfforum/includes/config, php
doanchuyennganh.txt
‘V6i doanchuyennganh.wxt 6 day Ia file chting ta tgo ra trén host eta ching ta dé xem
file ca nguri khdée ! Néu khong sir dung duge cdc Iénh trén tite fa server da disable
hire nang d6.
‘Them 1 sé lgnh shell trong linux
- pwd: dura ra ngoai man hinh thu myc dang hogt dng (vi du: /ete/ssh).
~ ed: thay d6i thur mye (vi dy: ed .. ~ ra mt edp thir mye hign tai; ed vidu ~ vio thr
mye (vid),
- Is: dara danh sich ni dung thar mye,
~ mkdir: tao thur muc méi (mkdir tén_thumuc).
= touch: tgo file méi (touch ten_file).
= rmdir: bo mot ther muc (rmdir ten_thamuc).
ep: copy file hod thir muc (ep file_ngudn file_dich).
- my: di chuyén file hoe thir mue; cting duge ding dé dat Igi tén file hoge thir muc
(inv vi_tri_c@ vi_tri_méi hoe mv tén_cdi én_méi),
= 1m: logi bd file (rm tn_file).
= Bé tim ki
file, ban c6 thé ding:
ind : ding cho cac tén file. - grep <>: dé tim ngi
dung trong file
‘BE xem mot file, ban 66 thé ding:
- more : hién thi file theo timg trang,
NGUYEN VUONG NGHI ‘Trang 8CAC PHU'ONG THUC TAN CONG & PHONG THU WEB SERVER,
= cat <>: hién thj tit ca file.
~ Néu mudén két ndi tii m6t host tir xa, sir dung Ignh ssh. Cit phap la ssh ,
Quan Iy hg thong:
- ps: hin thi ede chuomg trinh hign thai dang chay (rit hdu ich ps lei nhin ton 66
vé tit cd cae chung trinh),
~ Trong danh sich dua ra khi thc hign Kénh ps, ban sé thay 6 s6 PID (Process
identification - nhin dang tién trinh),
Con 6 nay sé dugc hoi dén khi muén ngimg mét dich vu hay img dung, diing lénh kill
~ top: hoat dng kha gidng nhu Task Manager trong Windows. Né dura ra théng tin vé
tit cd tai nguyén hg théng, cdc tién trinh dang chay, t6e d@ load trung bink... Lénh top
-d thiét Ip khoang thoi gian lam twoi lai hg théng, Ban co thé dat bat ky gid
tri ndo, tir.1 (tite 10 mili gidy) t6i 100 (tire 100 gidy) hose thm chi kim hon.
~ uptime: thé hign thai gian ca he thing va te d load trung binh trong khosing thi
ian dé, trude day la 5 phuit va 15 phat
‘Thong thurimg t5c 46 load trung binh durge tinh todn theo phan tram tai
nguyén hé théng (vi ar ly, RAM, & ctmg vio‘ra, tbe 46 load mang) duge ding
tai mot thdi diém. Néu téc 46 duge tinh todn 1a 0.37, tte e6 37% ti nguyén
duge sir dung. Gid trj lin hon nhw 2.35 nghia la hé thong phai dgi mot s6 da
ligu, khi 46 n6 sé tinh toan nhanh hon 235% ma khong gap phai vin dé gi
‘Nhung giita cae phan phéi o6 thé khac nhau mot chat,
- fice: hién thi théng tin trén b6 nhé hé théng.
- ifeonfig : dé xem théng tin chi tiét vé cfc giao dign mang; thong
thuring giao dign mang ethemet c6 tén la eth(. Ban c6 thé cdi dat ede thiét Kap mang.
hur dia chi IP hode bing céch ding lénh nay (xem man ifeonfig). Néu e6 di
gids
chura chinh xac, ban e6 thé stop hoge start (tite ngimg hose Khoi_ddng) giao dign bing
ich ding Ignh ifconfig up/down.
= passwd: cho phép ban thay di mat khéu (passwd ngudi_dimg_sé_hitu_mst_khiu
hode tén ngs ding khe néu ban dang nhap hé thing véi vai tr root)
~ useradd: cho phép ban thém ngurdi ding mdi (xem man useradd),
Di 6 phan phéi nao, ban cing c6 thé ding phim TAB dé ty déng hodn chinh mot lénh
hoae tén file, Digu nay rit hitu ich khi ban quen véi ede Ignh, Ban cling 6 thé sit dung.
NGUYEN VUONG NGHI ‘Trang 9CAC PHU'ONG THUC TAN CONG & PHONG THU WEB SERVER,
cde phim lén, xuéng dé cugn xem cae Iénh da nhap. Ban cé thé ding Iénh da dong tren
mot dong. Vi dy nhu, néu mudn tgo ba thu myc chi trén mot dong, ct phap cb thé 1a:
mkdir thy muc_1 ; mkdir tha_mye_2.; mkdir th_mye 3.
Mt digu thi vi khée nita Ia cfc Igah dang pipe. Ban c6 thé xuét mét lénh thong
qua Ignh khéc, Vi du: man mkdir | tal sé dua ra théng tin cde dong cudi cing trong
trang xem "thi cong" cua lénh mkdir.
Néu Iie nio 4 duge yeu clu phai ding nhgp véi tai khodn gbc (tire "sieu'
admin cia hé théng), ban cé thé diing nhdp tam théi biing cdéch ding Iénh su. Tham sb
-1 (su-1) ding dé thay di thur muc chii va cho cdc Iénh da hoe dang ding. Chit ¥ ta
ban cing sé duge nhie m6t mét khau. Dé thoat hay déng : g6 exit hoac logout.
2.1.3. Céch bio mgt cho Local Attack
Dé han ché Local Attack, chiing ta nén Chmod filemanager .di chuyén file
config.php va sira déi file htaccess va nhat ld thurdmg xuyén backup dit ligu
-Chmod File Manager:
+ CHMOD thir muc Public_html thanh 710 thay vi 750 mae dinh vige nay s® gitip ban
bio vé duge edu trie Website ciia minh,
+ CHMOD tigp cae thir muc con (diendan (http://diendan.doanchuyennganh.com),
CHMOD thy muc diendan (hupy/
CHMOD tiép cdc thr mye con trong thu myc diendan
jendan.doanchuyennganh.com) thinh 701, 161
(huip:/diendan.doanchuyennganh.com) thanh 701
+ CHMOD todn bd file thanh 404
‘Véi CHMOD chic chin khi run shell sé hign ra thong bao Ii:
Not Acceptable An appropriate representation of the requested resource
‘hest.php could not be found on this server.
Additionally, a 404 Not Found error was encountered while trying to use an
ErrorDocument to handle the request.
Attacker s® khong view duge.
NGUYEN VUONG NGHI Trang 10CAC PHU'ONG THUC TAN CONG & PHONG THU WEB SERVER,
= Ngoai ra_, mOt s6 site thi ban truy ep bing subdomain cia né ma khéng [a dang
doanchuyenganh.com/diendan (hitp://diendan.doanchuyennganh.com), ci nay ¢6
nhieu y nghia, nhung trong bao mét thi nd sé rat khac,
+ CHMOD thu myc la 701 va 66 ging dimg bao gi CHMOD 777, c6 mat sé folder
ko quan trong, ban c6 thé CHMOD 755 dé c6 thé hign thi ding va day dai mot s8 noi
dung trong Folder 46. Chii y thé nay, mot s6 Server hd try CHMOD thy mue durge
101, néu Server cita ban hd trg cdi nay thi hay sir dung n6, vi bign phip CHMOD nay
rat an toan, dén ngay ca Owner cling ko thé xem duge cau tric Folder ngay ca khi vio
FTP. Hign chi e6 Server ciia Eshockhost.net li hi try cdi nay
+ CHMOD File 1a 604 va dimg bao git dé li 666 néu e6 vige cin 666 thi ching ta
CHMOD tam dé sir dung lite 6, sau d6 hay CHMOD Iai ngay. Béi voi cdc Server hd
tro CHMOD file 404 chiing ta hay CHMOD nhwr vay, vi du Server Eshockhostinet
= Thay déi cdu trite, t€n file mae dinh c6 chita ede théng tin quan trong . Néu o6 thé
hay thay d4i ca cdu trie CSDL néu ban lim duge
~Chéng local bing cach bat safe-mode (danh cho root):
Nine ching ta da biéi, d6i véi cée webshell - PHP, wong PHP
Configuration e6 nhig option dé han ché tinh nang cua né (de bigt 1a 157 - we
dong by pass) nén cng vige dau tign cua cée root account la phai cfip nhat cde
phién ban PHP méi nhit va config Iai php.ini : [iJPHP safe mode la phuong,
phap 48 gidi quyét vin 48 bao mat cho nhumg noi server chia sé hosting cho
nhiéu accounts (shared-server). N6 la do thiét ké 1 céch sai lac ciia timg cp
PHP. Hign nay, nhiéu ngwéi da chon phuong phdp bat safe-mode dé bao mat,
ac bigt li cae ISP
= Céc hug dn vé céu hinh Security and Safe Mode
Code:
safe_mode: mée dinh : "0" stéa didi phan quyén : PHP_INI_SYSTEM
PHP_INI_SYSTEM
PHP_INI_SYSTEM
safe_mode_gid: mac dinh :"0" tka duréi phan qu
safe_mode_include_dir: mac dinh :NULL stta dueéi phan guy‘
safe_mode_exee_dir: mac dinh :""*sita dieéi PHP_INI_SYSTEM
safe_mode_allowed_env_vars: mac dink :"PHP_"sira dwéi PHP_INI_SYSTEM
safe_mode protected env_vars: miic dinh :"LD_LIBRARY PATH'stia dieéi
NGUYEN VUONG NGHI Trang 11CAC PHU'ONG THUC TAN CONG & PHONG THU WEB SERVER,
PHP_INI SYSTEM
open_basedir: mae dink :NULL sita ducéi PHP_INI_SYSTEM
disable_functions: mac dink :** sia dedi php.ini
disable_classes : mac dinh : ""sita diesi php.ini
~ Sau day la cach dé dic chinh cau hinh server dé bat ché a6 safe mode :
‘Trong file php.ini :
safe_mode = Off chuyén thanh safe_mode = On
- disabled_functions nén chia nhimng funetion sau
PHP Code:
readjile.system, exec, shell_exec, passthru, pentl_exec, putenv, proc
proc_get_status, proc_nice, proc open, proc_terminate, popen, pelose, set_time limit,
escapeshellemd, escapeshellarg, al, curl_exee, parse_ini_file, show_source,ini_alter,
virtual, opentog
= Khi dd, ta vidy
PHP Code:
I doanchuyennganh doanchuyennganh 33 Jul 1 19:20 script php
-rwe-ro-r= 1 root root 1116 May 26 18:01 /etc/passwd
~ Trong seript.php la
PHP Code