
PHP代码审计入坑记录


Covers: environment setup, common tools, related resources

QQ group: 397745473

Environment setup

[phpstudy] https://www.xp.cn/download.html

[sublime text 2] https://www.sublimetext.com/2

Plugins:

Package Control

From the menu View - Show Console, or with the ctrl + ~ shortcut, open the console. Paste the following Python code into it and press Enter to run it:

```python
import urllib2,os,hashlib; h = '6f4c264a24d933ce70df5dedcf1dcaee' + 'ebe013ee18cced0ef93d5f746d80ef60'; pf = 'Package Control.sublime-package'; ipp = sublime.installed_packages_path(); os.makedirs( ipp ) if not os.path.exists(ipp) else None; urllib2.install_opener( urllib2.build_opener( urllib2.ProxyHandler()) ); by = urllib2.urlopen( 'http://packagecontrol.io/' + pf.replace(' ', '%20')).read(); dh = hashlib.sha256(by).hexdigest(); open( os.path.join( ipp, pf), 'wb' ).write(by) if dh == h else None; print('Error validating download (got %s instead of %s), please try manual install' % (dh, h) if dh != h else 'Please restart Sublime Text to finish installation')
```

Ctags, PHPTidy, ConvertToUTF8

Build system

```json
{
  "cmd": ["php","$file"],
  "file_regex":"php$",
  "selector":"source.php"
}
```

Reference: https://www.moreofless.co.uk/sublime-text-php-build-system/

Firefox

Plugins: FoxyProxy Standard, Hackbar, ModifyHeaders, User Agent Switcher, Firebug

https://www.freebuf.com/sectool/35250.html

Burp Suite

http://scz.617.cn:8/misc/201910151519.txt

vMysqlMonitoring

Web encoding conversion tool: http://www.jsons.cn/utf8/

Notepad++

Common tools

Real-time file change monitoring tool (helper for code audit / black-box / white-box auditing):

https://github.com/TheKingOfDuck/FileMonitor

Real-time MySQL monitoring tool (helper for code audit / black-box / white-box auditing):

https://github.com/TheKingOfDuck/MySQLMonitor

https://github.com/virink/vMysqlMonitoring

RIPS official site: http://rips-scanner.sourceforge.net/

Related resources

Do you really know how to do code auditing? https://zhuanlan.zhihu.com/p/22417081

Code audit summary http://blog.orleven.com/2018/02/13/code-audit-summary/

PHP code audit (video) https://www.bilibili.com/video/av52805789/

Practice range: https://vulhub.org/

Maintaining backdoor access via file inclusion:

http://www.e-wolf.top/index.php/archives/85/

https://www.freebuf.com/articles/web/127806.html

Security industry blogs:

[浩翰Redamancy] https://plutoacharon.github.io/

[星际黑客] https://www.xj.hk/

[virzz] https://www.virzz.com/

[小学生] https://xxs2.cn

[雨苁] https://www.ddosi.com/

[a301] https://www.zhihu.com/people/hi_301/posts

[黑白网] https://www.heibai.org/

[HatBoy] https://hatboy.github.io/

[离别歌] https://www.leavesongs.com/

[黑暗旋律] https://b.nop.pw/

[nilchar] https://nilchar.com/

[taroballz] http://www.taroballz.com/

[fossbytes] https://fossbytes.com/

[TRY博客] http://www.nctry.com/

[西门吹雪个人网盘] http://pan.ximcx.cn/home

[thief] https://thief.one/

[Overseas - patilpiyush] https://medium.com/@patilpiyush

