| field | value | date |
|---|---|---|
| author | Julien Voisin | 2023-02-17 15:51:14 +0100 |
| committer | GitHub | 2023-02-17 15:51:14 +0100 |
| commit | 19e2cfa72095253b4328a301cc1b829a5fb0f1eb (patch) | |
| tree | 048c1c91b0e5250decaca0c843db7a675009f980 /doc/source/features.rst | |
| parent | 53b3f53b0665fa1d98a63e49e82273ec52e5f9f1 (diff) | |
Improve a bit the documentation
Add another example of file-upload script.
Diffstat (limited to 'doc/source/features.rst')

| mode | file | lines |
|---|---|---|
| -rw-r--r-- | doc/source/features.rst | 9 |

1 files changed, 7 insertions, 2 deletions
diff --git a/doc/source/features.rst b/doc/source/features.rst index 60dbbef..90f8a59 100644 --- a/doc/source/features.rst +++ b/doc/source/features.rst | |||
| @@ -86,8 +86,6 @@ Having a secret server-side key will prevent anyone (even the user) | |||
| 86 | from reading the content of the cookie, reducing the impact of an application storing sensitive data client-side. | 86 | from reading the content of the cookie, reducing the impact of an application storing sensitive data client-side. |
| 87 | 87 | ||
| 88 | 88 | ||
| 89 | |||
| 90 | |||
| 91 | .. _fileupload-feature: | 89 | .. _fileupload-feature: |
| 92 | 90 | ||
| 93 | Remote code execution via file-upload | 91 | Remote code execution via file-upload |
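Review bot: this hunk is a whitespace-only cleanup (two of the four blank lines before the `.. _fileupload-feature:` label are dropped) that the commit message ("Improve a bit the documentation" / "Add another example of file-upload script.") does not mention; a short line in the message, or a separate commit, would make the history easier to read. The change itself is harmless: a reStructuredText target label only needs one blank line separating it from the preceding paragraph, and the two blank lines that remain still provide that, so the rendered `fileupload-feature` anchor is unaffected.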
| @@ -112,6 +110,13 @@ inside the script to ensure the file doesn't contain any valid PHP code, with so | |||
| 112 | 110 | ||
| 113 | $ php -d vld.execute=0 -d vld.active=1 -d extension=vld.so $file | 111 | $ php -d vld.execute=0 -d vld.active=1 -d extension=vld.so $file |
| 114 | 112 | ||
| 113 | One could also filter on the file extensions, with something like this: | ||
| 114 | |||
| 115 | :: | ||
| 116 | |||
| 117 | #!/bin/bash | ||
| 118 | exit $([[ $SP_FILENAME =~ *\.php* ]]) | ||
| 119 | |||
| 115 | 120 | ||
| 116 | Examples of related vulnerabilities | 121 | Examples of related vulnerabilities |
| 117 | """"""""""""""""""""""""""""""""""" | 122 | """"""""""""""""""""""""""""""""""" |
