
Checking Your PHP Code with Taint, the PHP Security-Checking Extension (with Source Code Analysis) - Jianshu

 6 years ago
source link: https://www.jianshu.com/p/c6dea66c54f3?
1. Introduction to the extension. Taint is a PHP extension written by 鸟哥 that supports PHP 5.2 through PHP 7.2. Once the extension is enabled, it monitors whether certain key functions directly use strings that come from user input ($_GET, $_POST, $_COOKIE) without any special handling. As an example, create a taint.php file like the following in your web server's root directory. With Taint enabled, visiting http://host/taint.php?test=dog to run the script produces the following warn...
