UPUPW PHP probe It is a probe program launched by UPUPW. There are many common probe programs in the market, and Weieis Blog has introduced several of them. This article will introduce the installation, use and characteristics of this probe.
Relevant probe: Introduction to the use of an open source probe X probe (fringe probe)
UPUPW panel: Installation and Use Tutorial of UPUPW Green Server Platform
1. Environment and characteristics
It can be used in the server of windows/linux platform. It is characterized by preventing server path disclosure and XSS vulnerability attacks. It also supports PHP7.2 and is compatible with PHP5.2-PHP5.6 components and parameter detection.
2. This probe can be downloaded from the official website of UPUPW. There are two types of probes on it, one is the general version and the other is the security version. The difference between the two will be discussed later.
3. After unzipping, upload u.php to the root directory of the website. If you use the pagoda panel, use the upload function of the panel instead of SFTP software.
4. Bind a domain name to the server, enter http://domain name/u.php in the browser, and use IP https://IP/u.php You can see the following probe panel.
You can see that the server information and the php function component startup status are displayed above.
The red box is the unique hidden information function of the security probe. Normal information can only be seen after the database connection is verified at the bottom of the page; The general-purpose probe directly displays sensitive information such as ports and paths, which is the difference between the two versions.
You can also see the cache optimization component below. Unfortunately, there is no Memcached.
There are also php parameters, compiled modules, and database connection tests.
The advantage of the UPUPW probe is that while detecting PHP information, it can prevent you from forgetting to delete the probe or avoiding the exposure of the configuration path and phpinfo information when the probe snapshot is cached by the search engine. Because you can search many php probes in any search engine, and all of them expose the website path and configuration address. Some can even access the phpinfo page. If you also forget to delete the probe or save the snapshot by the search engine, this information may pose a security threat to the server.
The appearance of the UPUPW PHP probe security version can not only fully see the server information, but also ensure a high security factor. It is indeed a necessary probe for home travel. Ask Du Niang about search: php probes. There are many probes in the search results, which is equivalent to exposing the server information completely, posing a great threat to security. Therefore, the probe and other programs must be deleted after use.
