Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Sign up
Appearance settings

一个各种方式突破Disable_functions达到命令执行的shell

Notifications You must be signed in to change notification settings

Katsec/Bypass_Disable_functions_Shell

Folders and files

NameName
Last commit message
Last commit date

Latest commit

History

24 Commits

Repository files navigation

Bypass Disable Functions Shell

项目旧文档已迁移到此处

禁用函数列表(希望能做最全的禁用列表,也可以用此做对比进行绕过):

dl,exec,system,passthru,popen,proc_open,pcntl_exec,shell_exec,mail,imap_open,imap_mail,putenv,ini_set,apache_setenv,symlink,link

shell绕过已实现的方式:

  • 常规绕过: exec、shell_exec、system、passthru、popen、proc_open
  • ld_preload绕过: mail、imap_mail、error_log、mb_send_mail
  • pcntl_exec
  • imap_open
  • fastcgi
  • com
  • apache mod-cgi

目录结构:

  • env - docker环境, 用于测试各类绕过exp
  • papar - bypass原理
  • exp - bypass脚本

About

一个各种方式突破Disable_functions达到命令执行的shell

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • PHP 99.3%
  • C 0.7%

AltStyle によって変換されたページ (->オリジナル) /