Vulnerability in Nginx configurations with incorrectly configured alias blocks

Some Nginx servers remain susceptible to the Nginx Alias Traversal technique, which was presented at the Blackhat conference back in 2018 and allows access to files and directories located outside the directory specified in the "alias" directive. The problem appears only in configurations where the "alias" directive is placed inside a "location" block whose mask does not end with the "/" character, while the "alias" value does end with "/".


The essence of the problem is that files for a block with the alias directive are served by appending the requested path: the request is matched against the mask from the location directive, the part of the path given in that mask is stripped, and the remainder is appended to the alias path. For a vulnerable configuration of this kind (location "/img" with alias "/var/images/"), an attacker can request the file "/img../test.txt". The request matches the "/img" mask specified in location, after which the remaining tail "../test.txt" is appended to the path from the alias directive "/var/images/", so the file "/var/images/../test.txt" is requested. Thus attackers can read any file in the "/var" directory, not only files in "/var/images/"; for example, to download the nginx log one can send the request "/img../log/nginx/access.log".

In configurations where the value of the alias directive does not end with "/" (for example, "alias /var/images;"), the attacker cannot move up to the parent directory, but can request another directory in /var whose name begins with the one specified in the configuration. For example, by requesting "/img.old/test.txt" one can obtain the file "/var/images.old/test.txt".
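The path mapping described above, as an added illustration that is not code from the article: a small Python checker that scans an nginx configuration for location/alias pairs with mismatched trailing slashes (the condition a reviewer should look for) and a helper showing what path a request resolves to. The configuration snippet and the function names are constructed for this example.

```python
import re

# Constructed sample nginx config for this example (not from the article):
# a vulnerable block beside its corrected form, plus the sibling-directory variant.
SAMPLE_CONF = """
server {
    location /img {                 # no trailing "/" ...
        alias /var/images/;         # ... but alias ends with "/": parent traversal
    }
    location /static/ {             # fixed: both location and alias end with "/"
        alias /var/www/static/;
    }
    location /attachments {         # neither ends with "/": sibling directories reachable
        alias /etc/bitwarden/attachments;
    }
}
"""

LOCATION_RE = re.compile(r"location\s+(?:(=|~\*?|\^~)\s+)?(\S+)\s*\{([^}]*)\}")
ALIAS_RE = re.compile(r"\balias\s+([^;]+);")

def resolve_alias(prefix, alias, uri):
    """Path nginx serves for `uri`: strip the location prefix, append the rest to alias."""
    if not uri.startswith(prefix):
        return None
    return alias + uri[len(prefix):]

def find_alias_traversal(conf):
    """Return (location, alias, issue) for prefix locations whose alias is unsafe."""
    conf = re.sub(r"#.*", "", conf)          # drop comments before matching
    findings = []
    for mod, prefix, body in LOCATION_RE.findall(conf):
        alias = ALIAS_RE.search(body)
        if alias is None or mod in ("=", "~", "~*"):
            continue                         # exact/regex locations are not prefix-stripped this way
        alias = alias.group(1).strip()
        if prefix.endswith("/"):
            continue                         # a "/"-terminated location cannot be extended with ".."
        if alias.endswith("/"):
            findings.append((prefix, alias, "parent-directory traversal via " + prefix + "../"))
        else:
            findings.append((prefix, alias, "sibling-directory access via " + prefix + ".old/"))
    return findings

if __name__ == "__main__":
    for loc, alias, issue in find_alias_traversal(SAMPLE_CONF):
        print(f"{loc} -> {alias}: {issue}")
    print(resolve_alias("/img", "/var/images/", "/img../test.txt"))
```

The fix the checker encodes is the one the article implies: give the location mask a trailing "/" (or use "root" instead of "alias") so that the stripped prefix always ends at a directory boundary.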

An analysis of repositories on GitHub showed that errors in nginx configuration leading to this problem are still encountered in real projects. For example, the problem was found in the backend of the Bitwarden password manager and could be used to access all files in the /etc/bitwarden directory (requests to /attachments were served from /etc/bitwarden/attachments/), including the "vault.db" database, the certificate and the logs; to obtain them it was enough to send the requests "/attachments../vault.db", "/attachments../identity.pfx", "/attachments../logs/api.log", etc.


The technique also worked against Google HPC Toolkit, which mapped /static requests to the "../hpc-toolkit/community/front-end/website/static/" directory. To obtain the database containing the secret key and credentials, an attacker could send the requests "/static../.secret_key" and "/static../db.sqlite3".

Source: opennet.ru