
EasyAdmin file upload vulnerability

The default upload does no MIME-type validation, so there is a risk of someone uploading a script:

    /**
     * Upload a file: \app\admin\controller\Ajax.php
     */
    public function upload()
    {
        $data = [
            'upload_type' => $this->request->post('upload_type'),
            'file'        => $this->request->file('file'),
        ];
        $uploadConfig = sysconfig('upload');
        empty($data['upload_type']) && $data['upload_type'] = $uploadConfig['upload_type'];
        $rule = [
            'upload_type|指定上传类型有误' => "in:{$uploadConfig['upload_allow_type']}",
            // Old rule: extension and size only, no MIME check
            // 'file|文件'              => "require|file|fileExt:{$uploadConfig['upload_allow_ext']}|fileSize:{$uploadConfig['upload_allow_size']}",
            // New rule: fileMime added so the content type is checked as well
            'file|文件'              => "require|file|fileExt:{$uploadConfig['upload_allow_ext']}|fileMime:{$uploadConfig['upload_allow_mime']}|fileSize:{$uploadConfig['upload_allow_size']}",
        ];
        $this->validate($data, $rule);
        try {
            $upload = Uploadfile::instance()
                ->setUploadType($data['upload_type'])
                ->setUploadConfig($uploadConfig)
                ->setFile($data['file'])
                ->save();
        } catch (\Exception $e) {
            $this->error($e->getMessage());
        }
        if ($upload['save'] == true) {
            $this->success($upload['msg'], ['url' => $upload['url']]);
        } else {
            $this->error($upload['msg']);
        }
    }


The old upload only validated the file extension, so a hacker could easily bypass it by uploading something like test.php.jpg; adding a MIME-type check strengthens the validation of the uploaded file's format.

Note: after adding the rule, the allowed MIME types (upload_allow_mime) must also be configured in the configuration file.
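As an added example (not EasyAdmin's own code), a stand-alone PHP validator that mirrors the two layers of the corrected rule: a last-extension allowlist, then a MIME check based on the file content via finfo (libmagic) rather than on the file name or the client-sent Content-Type. The allowlists are assumed to hold the same values as sysconfig('upload'); they are hard-coded here so the script runs on its own.

```php
<?php
// Added example, not EasyAdmin/ThinkPHP code. Two-layer check: extension allowlist
// (what the old rule did) plus a content-based MIME allowlist (what fileMime adds).
function validateUpload(string $originalName, string $tmpPath, array $allowExt, array $allowMime): array
{
    // Layer 1: extension. Only the LAST extension is considered, so a name such as
    // "test.php.jpg" is seen as "jpg" and passes this layer on its own.
    $ext = strtolower(pathinfo($originalName, PATHINFO_EXTENSION));
    if (!in_array($ext, $allowExt, true)) {
        return ['ok' => false, 'msg' => "extension .$ext not allowed"];
    }

    // Layer 2: MIME type derived from the bytes on disk by libmagic. The browser's
    // Content-Type header is never consulted because the client controls it.
    $finfo = new finfo(FILEINFO_MIME_TYPE);
    $mime  = $finfo->file($tmpPath);
    if ($mime === false || !in_array($mime, $allowMime, true)) {
        return ['ok' => false, 'msg' => 'MIME type ' . var_export($mime, true) . ' not allowed'];
    }

    return ['ok' => true, 'msg' => 'ok', 'ext' => $ext, 'mime' => $mime];
}

// Constructed sample inputs (assumed allowlists, assumed temp files) so this runs offline.
$allowExt  = ['jpg', 'png', 'gif'];
$allowMime = ['image/jpeg', 'image/png', 'image/gif'];

$pngFile = tempnam(sys_get_temp_dir(), 'up');
file_put_contents($pngFile, "\x89PNG\r\n\x1a\n" . str_repeat("\0", 64)); // PNG signature

$phpFile = tempnam(sys_get_temp_dir(), 'up');
file_put_contents($phpFile, "<?php echo 'not an image';"); // PHP text, not image data

$cases = [
    ['photo.png',    $pngFile], // real image content with a matching name
    ['test.php.jpg', $phpFile], // script content disguised with a .jpg suffix
    ['test.php',     $phpFile], // script content with its real suffix
];
foreach ($cases as [$name, $path]) {
    $result = validateUpload($name, $path, $allowExt, $allowMime);
    printf("%-14s ok=%s %s\n", $name, $result['ok'] ? 'yes' : 'no', $result['msg']);
}

unlink($pngFile);
unlink($phpFile);
```

Content sniffing is a second layer, not a complete defence on its own: keep storing uploads under a server-generated name with the validated extension and do not allow script execution in the upload directory.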



Original: https://www.cnblogs.com/lovebing/p/15161963.html
