New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

漏洞检测部分误报 #40

Closed

aStrowxyu opened this issue Mar 29, 2021 · 2 comments

aStrowxyu commented Mar 29, 2021

其中poc使用echo + md5的payload检测。当页面中返回这些值的时候判断漏洞存在，会导致一些组件误报。测试代码：

<?php
echo 'http://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
echo file_get_contents("php://input");
?>

误报情况：

命令执行用expr或者set等命令误报会更低

代码执行直接计算md5误报率更低，echo md5("xxx");

Owner

zhzyker commented Mar 29, 2021

已经有模块来处理echo的误报了，0.6重构时量太大忘记了几个，0.7中已经把echo全部加入误报处理中
感谢建议，该问题已在0.7中解决，4月初发布

Owner

zhzyker commented Apr 6, 2021

af84f55 中解决该问题

zhzyker closed this as completed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment