Skip to content

一个各种方式突破Disable_functions达到命令执行的shell

Notifications You must be signed in to change notification settings

wxfjamdc/Bypass_Disable_functions_Shell

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

24 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Bypass Disable Functions Shell

项目旧文档已迁移到此处

禁用函数列表(希望能做最全的禁用列表,也可以用此做对比进行绕过):

dl,exec,system,passthru,popen,proc_open,pcntl_exec,shell_exec,mail,imap_open,imap_mail,putenv,ini_set,apache_setenv,symlink,link

shell绕过已实现的方式:

  • 常规绕过: exec、shell_exec、system、passthru、popen、proc_open
  • ld_preload绕过: mail、imap_mail、error_log、mb_send_mail
  • pcntl_exec
  • imap_open
  • fastcgi
  • com
  • apache mod-cgi

目录结构:

  • env - docker环境, 用于测试各类绕过exp
  • papar - bypass原理
  • exp - bypass脚本

About

一个各种方式突破Disable_functions达到命令执行的shell

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • PHP 99.3%
  • C 0.7%