|
(2) Medium level
- <?php
-
- if( isset( $_POST[ 'Upload' ] ) ) {
- // Where are we going to be writing to?
- $target_path = DVWA_WEB_PAGE_TO_ROOT . "hackable/uploads/";
- $target_path .= basename( $_FILES[ 'uploaded' ][ 'name' ] );
-
- // File information
- $uploaded_name = $_FILES[ 'uploaded' ][ 'name' ];
- $uploaded_type = $_FILES[ 'uploaded' ][ 'type' ];
- $uploaded_size = $_FILES[ 'uploaded' ][ 'size' ];
-
- // Is it an image?
- if( ( $uploaded_type == "image/jpeg" || $uploaded_type == "image/png" ) &&
- ( $uploaded_size < 100000 ) ) { #只判断了MIME
-
- // Can we move the file to the upload folder?
- if( !move_uploaded_file( $_FILES[ 'uploaded' ][ 'tmp_name' ], $target_path ) ) {
- // No
- echo '<pre>Your image was not uploaded.</pre>';
- }
- else {
- // Yes!
- echo "<pre>{$target_path} succesfully uploaded!</pre>";
- }
- }
- else {
- // Invalid file
- echo '<pre>Your image was not uploaded. We can only accept JPEG or PNG images.</pre>';
- }
- }
-
- ?>
上面的代码加入了MIME判断,所谓的MIME判断是在请求头中的一个字段,用来指示文件类型,方便服务器进行对应的处理,只要抓包就可以随意修改,达到欺骗服务器的目的。(更多的解释可以查看:
https://developer.mozilla.org/en-US/docs/Web/HTTP/Basics_of_HTTP/MIME_types) (编辑:成都站长网)
【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容!
|
