<?php | |
/** | |
* 文字列中のnullバイトを削除する関数 | |
* 引数が配列の場合は、配列の要素に対して再帰的に処理を行う | |
*/ | |
function delete_null_byte($value){ | |
if (is_string($value) === true) { | |
$value = str_replace("\0", "", $value); | |
} elseif (is_array($value) === true) { | |
$value = array_map('delete_null_byte', $value); |
<?php | |
function isValidInetAddress($data, $strict = false){ | |
// 次の行は、表示改行されていますが実際は一行です | |
$regex = $strict ? ' /^([.0-9a-z_+-]+)@(([0-9a-z-]+\.)+[0-9a-z]{2,})$/i ' : | |
' /^([*+!.&#$|\'\\%\/0-9a-z^_`{ }=?~:-]+])@(([0-9a-z-]+\.)+[0-9a-z]{2,})$/i '; | |
if(preg_match($regex, trim($data),$matches)){ | |
return array($matches[1], $matches[2]); | |
}else{ | |
return false; | |
} |
<?php | |
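// Require 'design' to be present as a single string before inspecting it.
// A missing key only raises a warning and falls through to the checks below,
// and an array value (design[]=x) makes strpos() throw a TypeError on PHP 8
// instead of cleanly rejecting the request.
if (isset($_GET['design']) === false || is_string($_GET['design']) === false) {
    exit();
}
// Stop if the value contains a null byte (the functions used later are not
// binary-safe, so a null byte would silently truncate the name).
if (strpos($_GET['design'], "\0") !== false) {
    exit();
}
// Only 'red.html' and 'blue.html' may be loaded; any other name stops the
// request. The list is compared with a strict in_array() further down.
$allow_files = array('red', 'blue');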
if (in_array($_GET['design'], $allow_files, true) === false) { | |
exit(); |
<?php | |
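// Require 'design' to be present as a single string. A missing key only warns
// and falls through, and an array value (design[]=x) makes strpos() throw a
// TypeError on PHP 8 rather than rejecting the request.
if (isset($_GET['design']) === false || is_string($_GET['design']) === false) {
    exit();
}
// basename() is not binary-safe, so null bytes are rejected explicitly here.
if (strpos($_GET['design'], "\0") !== false) {
    exit();
}
// Include the requested file. basename() drops every directory component, so
// the value cannot leave the design directory, and the fixed '.html' suffix
// pins the extension. Note that any *.html file in that directory can still be
// selected; the red/blue allow-list variant on this page is the stricter policy.
include '/var/www/html/design/' . basename($_GET['design']) . '.html';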
<?php | |
/** | |
* このプログラムは脆弱性のサンプルです。 | |
* 公開サーバに設置しないでください | |
*/ | |
// GET変数で指定があった場合は、出力する$string変数にセット | |
if (isset($_GET['string']) === true) { | |
$string = $_GET['string']; | |
} else { | |
$string = ''; |
<?php | |
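// Set the directory whose listing will be printed. Only a single string value
// is accepted: str_replace() would otherwise map over an array value (dir[]=x)
// and leave $dir as an array for the filesystem calls that follow.
if (isset($_GET['dir']) === true && is_string($_GET['dir']) === true) {
    // Strip null bytes so the filesystem functions see the whole value.
    $dir = str_replace("\0", '', $_GET['dir']);
} else {
    $dir = '/';
}
// NOTE(review): removing null bytes does not by itself restrict which
// directory gets listed; confirm the listing code that follows applies its
// own base-directory or allow-list check.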
// ディレクトリ内のファイル一覧を出力 |
<?php | |
/** | |
* このプログラムは脆弱性のサンプルです。 | |
* 公開サーバに設置しないでください | |
*/ | |
// 一覧を出力するディレクトリを$dir変数にセット | |
if (isset($_GET['dir']) === true) { | |
$dir = $_GET['dir']; | |
} else { | |
$dir = '/'; |
<?php | |
/**
 * Error-reporting configuration, applied before anything else runs
 * (the original file keeps these on lines 5-7 so nothing can emit output
 * or fail before the settings are in place).
 */
$errorSettings = array(
    'display_errors' => 0,                            // keep error text (and the paths it contains) out of the HTTP response
    'log_errors'     => 1,                            // record errors in the log instead
    'error_log'      => '/path/to/php/php_error.log', // destination of that log
);
foreach ($errorSettings as $option => $setting) {
    ini_set($option, $setting);
}
// GET変数で指定があった場合は、出力する$string変数にセット | |
if (isset($_GET['string']) === true) { |
<?php | |
/**
 * This program is a vulnerability sample.
 * Do not deploy it on a public server.
 */
// Includes whichever file the 'design' query parameter names. The value is
// concatenated into the path with no validation, so a name that contains
// directory traversal can select a file outside /var/www/html/design/ (local
// file inclusion). The other samples on this page show the corrective checks:
// reject null bytes, then apply basename() or a red/blue allow-list.
include '/var/www/html/design/' . $_GET['design'] . '.html';
<?php | |
/**
 * This program is a vulnerability sample.
 * Do not deploy it on a public server.
 */
// Includes the file named by the 'design' query parameter with no validation
// at all: no fixed base directory, no forced extension, no allow-list. Any
// path readable by the web server (and, if allow_url_include is enabled, a
// URL) is included and executed as PHP. The fixes shown elsewhere on this
// page are a fixed prefix plus basename(), or an allow-list of permitted names.
include $_GET['design'];