Name | 陳靖德 (Ching-Te Chen)
Department | Department of Computer Science and Information Engineering
Thesis title | PDE: A Solution to Detect Malicious PHP Scripts
Files | Full text available for browsing in the system (open from 2025-6-30)
Abstract (Chinese) |
It has been 25 years since PHP (PHP: Hypertext Preprocessor) was invented, and it remains one of the most widely used programming languages, especially for web application services. Because of its ease of use, however, people often write insecure scripts or use incorrect configurations, allowing malicious PHP scripts to be injected into the server, which then lets an attacker take control of the server or steal sensitive data.
This thesis implements a solution named PDE (PHP Defense Extension) that lets PHP identify potentially malicious scripts before executing them and refuse to run them. |
Abstract (English) |
It has been 25 years since PHP (PHP: Hypertext Preprocessor) was invented, and it is still one of the most widely used programming languages, especially for web applications. But because of its ease of use, people often write insecure scripts or use incorrect configurations, allowing malicious PHP scripts to be injected into the server, after which the attacker gains control of the server or steals confidential information.
This thesis implements a solution called PDE (PHP Defense Extension), which allows PHP to identify a potentially malicious script before executing it and to refuse execution. |
Keywords (Chinese) | ★ PHP ★ Abuse of File Upload ★ File Upload Vulnerability ★ Local File Inclusion Vulnerability ★ Remote Code Execution
Keywords (English) | ★ PHP ★ Abuse File Upload ★ File Upload Vulnerability ★ Local File Inclusion ★ Remote Code Evaluation
Table of contents |
Abstract (Chinese)
Abstract (English)
Acknowledgements
Table of Contents
List of Figures
List of Tables
Chapter 1 Introduction
Chapter 2 Background
  2.1 PHP: Hypertext Preprocessor
    2.1.1 PHP
    2.1.2 Zend Opcache
    2.1.3 Extension
    2.1.4 PHP-FPM
  2.2 Digital Signatures
  2.3 Threat Model
    2.3.1 Abuse File Upload
    2.3.2 Local File Inclusion
    2.3.3 Remote File Inclusion
    2.3.4 CVE-2019-11043
Chapter 3 Related Work
  3.1 Handling Uploaded Files
    3.1.1 Checking the File Extension
    3.1.2 Checking the MIME Type
    3.1.3 Re-processing the File
  3.2 SELinux or AppArmor
  3.3 Static Analysis
  3.4 PharUtil
  3.5 Signing PowerShell Scripts
Chapter 4 System Design and Implementation
  4.1 System Layout
  4.2 PDE Signer
  4.3 PDE Filter
  4.4 Compilation and Installation
Chapter 5 Experimental Results and Analysis
  5.1 Result Verification
    5.1.1 Abuse File Upload
    5.1.2 Local File Inclusion
    5.1.3 Remote File Inclusion
    5.1.4 Laravel
    5.1.5 CVE-2019-11043
    5.1.6 Modifying the Site's Existing Scripts
  5.2 Performance Analysis
Chapter 6 Discussion
  6.1 Limitations
  6.2 Future Work
Chapter 7 Conclusion
References |
Advisor | 許富皓
Approval date | 2020-7-23