Enabling SSI in Apache so .shtml supports include(), and the SSI shell vulnerability

SSI (Server Side Includes)

1. Edit the Apache configuration file httpd.conf to add .shtml support
# To parse .shtml files for server-side includes (SSI):
# (You will also need to add "Includes" to the "Options" directive.)
#
#AddType text/html .shtml # uncomment this line
#AddOutputFilter INCLUDES .shtml # uncomment this line
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml

2. Edit the site configuration file www.zhangfangzhou.cn.conf and add Includes
Options FollowSymLinks Includes

3. Restart Apache
service httpd restart
Apache 2 now has SSI enabled and .shtml files support include(), but this leaves an SSI shell vulnerability: at this point program execution (exec) is possible.

4. Allow SSI only, but disable program execution (exec)
Edit the site configuration file www.zhangfangzhou.cn.conf
Change Options FollowSymLinks Includes to Options FollowSymLinks IncludesNoExec
or add Options +IncludesNOEXEC to the .htaccess file

5. Additional notes
Includes # enables SSI
IncludesNoExec # enables SSI, but disables the exec directive

(1) Includes
With Options FollowSymLinks Includes, the following directives are valid:
<!--#exec cmd="..."-->
<!--#exec cgi="..."-->
<!--#include file="..."-->

(2) IncludesNoExec
With Options FollowSymLinks IncludesNoExec,
<!--#include file="..."-->
is valid, while

<!--#exec cmd="..."-->
<!--#exec cgi="..."-->
and other exec-style program execution is restricted and cannot run.
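
To check that step 4 was actually applied everywhere, the following added example (not part of the original post) scans Apache config and .htaccess files for Options lines that still enable Includes with exec allowed. The function name audit_ssi_exec and the sample paths are assumptions made for illustration; the sample config is constructed.

```shell
#!/bin/sh
# Added example (not from the original post): flag Apache "Options" lines
# that enable SSI with exec still allowed.
# Prints "file:line: directive" per finding; returns 1 if any were found.
audit_ssi_exec() {
    awk '
    {
        line = $0
        sub(/^[ \t]+/, "", line)              # strip leading whitespace
        sub(/[ \t\r]+$/, "", line)            # strip trailing whitespace / CR
        if (line == "" || line ~ /^#/) next   # skip blanks and comments
        n = split(line, tok, /[ \t]+/)
        if (tolower(tok[1]) != "options") next
        for (i = 2; i <= n; i++) {
            t = tolower(tok[i])
            sub(/^[+]/, "", t)                # "+Includes" enables it too
            # "includes" permits #exec; "all" implies Includes.
            # "includesnoexec" and "-includes" never match here.
            if (t == "includes" || t == "all") {
                printf "%s:%d: %s\n", FILENAME, FNR, line
                found = 1
                break
            }
        }
    }
    END { exit (found ? 1 : 0) }
    ' "$@"
}

# Constructed sample config (hypothetical paths), written to a temp file.
sample=$(mktemp)
cat > "$sample" <<'EOF'
#AddOutputFilter INCLUDES .shtml
<Directory "/var/www/a">
    Options FollowSymLinks Includes
</Directory>
<Directory "/var/www/b">
    Options FollowSymLinks IncludesNoExec
</Directory>
<Directory "/var/www/c">
    Options +IncludesNOEXEC
</Directory>
EOF
audit_ssi_exec "$sample" || echo "exec-capable SSI still enabled above"
rm -f "$sample"
```

This is a line-level check: it does not resolve how Apache merges Options across nested sections, so treat every reported line as something to review rather than a final verdict.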
