PHP code audit: notes for getting started
Includes: environment setup, common tools, related resources
QQ group: 397745473
Environment setup
[phpstudy] https://www.xp.cn/download.html
[sublime text 2] https://www.sublimetext.com/2
Plugins:
Package Control
Open the console from the menu View - Show Console or with the ctrl + ~ shortcut, then paste the following Python code into it and press Enter to run it:
import urllib2,os,hashlib; h = '6f4c264a24d933ce70df5dedcf1dcaee' + 'ebe013ee18cced0ef93d5f746d80ef60'; pf = 'Package Control.sublime-package'; ipp = sublime.installed_packages_path(); os.makedirs( ipp ) if not os.path.exists(ipp) else None; urllib2.install_opener( urllib2.build_opener( urllib2.ProxyHandler()) ); by = urllib2.urlopen( 'http://packagecontrol.io/' + pf.replace(' ', '%20')).read(); dh = hashlib.sha256(by).hexdigest(); open( os.path.join( ipp, pf), 'wb' ).write(by) if dh == h else None; print('Error validating download (got %s instead of %s), please try manual install' % (dh, h) if dh != h else 'Please restart Sublime Text to finish installation')
Ctags, PHPTidy, ConvertToutf8
Build system
Reference: https://www.moreofless.co.uk/sublime-text-php-build-system/
Firefox
Plugins: FoxyProxy Standard, Hackbar, ModifyHeaders, User Agent Switcher, Firebug
https://www.freebuf.com/sectool/35250.html
Burp Suite
http://scz.617.cn:8/misc/201910151519.txt
vMysqlMonitoring
Web encoding conversion tool: http://www.jsons.cn/utf8/
Notepad++
Common tools
Real-time file change monitoring tool (helper for code audit / black-box / white-box audit):
https://github.com/TheKingOfDuck/FileMonitor
Real-time MySQL monitoring tool (helper for code audit / black-box / white-box audit):
https://github.com/TheKingOfDuck/MySQLMonitor
https://github.com/virink/vMysqlMonitoring
RIPS official site: http://rips-scanner.sourceforge.net/
Related resources
Do you really know how to audit code? https://zhuanlan.zhihu.com/p/22417081
Code audit summary http://blog.orleven.com/2018/02/13/code-audit-summary/
PHP code audit (video) https://www.bilibili.com/video/av52805789/
Maintaining backdoor access through file inclusion:
http://www.e-wolf.top/index.php/archives/85/
https://www.freebuf.com/articles/web/127806.html
Security industry blogs:
[浩翰Redamancy] https://plutoacharon.github.io/
[星际黑客] https://www.xj.hk/
[virzz] https://www.virzz.com/
[小学生] https://xxs2.cn
[a301] https://www.zhihu.com/people/hi_301/posts
[黑白网] https://www.heibai.org/
[HatBoy] https://hatboy.github.io/
[离别歌] https://www.leavesongs.com/
[黑暗旋律] https://b.nop.pw/
[nilchar] https://nilchar.com/
[taroballz] http://www.taroballz.com/
[fossbytes] https://fossbytes.com/
[TRY blog] http://www.nctry.com/
[西门吹雪 personal cloud drive] http://pan.ximcx.cn/home
[thief] https://thief.one/
[overseas: patilpiyush] https://medium.com/@patilpiyush