admin/Awesome-POC
1
0
Fork 0
mirror of https://github.com/Threekiii/Awesome-POC.git synced 2025-11-06 19:38:09 +00:00
Code Issues Packages Projects Releases Wiki Activity
Awesome-POC/中间件漏洞/Apache HTTPd 换行解析漏洞 CVE-2017-15715.md

45 lines
995 B
Markdown
Raw Normal View History

update
2024-11-06 14:10:36 +08:00
# Apache HTTPd 换行解析漏洞 CVE-2017-15715
## 漏洞描述
Apache HTTPD是一款HTTP服务器它可以通过mod_php来运行PHP网页。其2.4.0~2.4.29版本中存在一个解析漏洞在解析PHP时`1.php\x0A`将被按照PHP后缀进行解析导致绕过一些服务器的安全策略。
## 漏洞影响
```
Apache HTTPd 2.4.0~2.4.29版本
```
## 环境搭建
```plain
https://github.com/vulhub/vulhub.git
cd vulhub/httpd/CVE-2017-15715
docker-compose up -d
```
启动后Apache运行在`http://your-ip:8080`
## 漏洞复现
直接上传恶意文件会被拦截
![image-20220221173116763](images/202202211731895.png)
抓包修改如下参数,在.php后加入16进制`0a`
![image-20220221181546680](images/202202211815804.png)
响应为200成功绕过
![image-20220221181709176](images/202202211817253.png)
访问文件,成功触发解析漏洞
```
http://192.168.174.128:8080/shell.php%0a
```
![image-20220221181913908](images/202202211819984.png)
Reference in New Issue Copy Permalink