{"id":478428,"date":"2023-08-09T09:32:44","date_gmt":"2023-08-09T09:32:44","guid":{"rendered":""},"modified":"2023-09-05T11:16:46","modified_gmt":"2023-09-05T11:16:46","slug":"php-injection","status":"publish","type":"wiki","link":"https:\/\/oneproxy.pro\/vn\/wiki\/php-injection\/","title":{"rendered":"PHP Injection"},
"content":{"rendered":"<p>PHP injection, also known as PHP code injection or PHP remote code execution, is a security vulnerability that affects web applications built with the PHP (Hypertext Preprocessor) programming language. It allows malicious actors to insert and execute arbitrary PHP code on the target server, leading to unauthorized access, data theft and potentially complete compromise of the application.<\/p>\n<h2>The history of the origin of PHP injection and the first mention of it.<\/h2>\n<p>The concept of PHP injection emerged in the early 2000s, when PHP became a widely used server-side scripting language for web development. The first notable mention of PHP injection was around 2002, when security researchers discovered a vulnerability in PHP-Nuke, a popular content management system at the time. The incident raised awareness of the potential risks of PHP code injection and sparked discussion in the web development community.<\/p>\n<h2>Detailed information about PHP injection. Expanding the topic of PHP injection.<\/h2>\n<p>PHP injection arises from improper handling of user input in PHP applications. When a web application does not adequately validate or sanitize user-supplied data, an attacker can craft malicious input that the server executes as PHP code. The main causes of PHP injection include:<\/p>\n<ol>\n<li>\n<p><strong>Mishandled user input:<\/strong> Failing to validate and sanitize user input, such as form data, URL parameters and cookies, can give an attacker the opportunity to inject malicious PHP code.<\/p>\n<\/li>\n<li>\n<p><strong>Database queries:<\/strong> Improper use of database queries, especially dynamic queries built by concatenating user input into SQL statements, can lead to SQL injection vulnerabilities, which in turn can enable PHP injection.<\/p>\n<\/li>\n<li>\n<p><strong>File inclusion vulnerabilities:<\/strong> If a PHP application includes files based on user-supplied input without proper validation, an attacker can exploit this to include malicious PHP files and execute arbitrary code.<\/p>\n<\/li>\n<\/ol>\n<h2>The internal structure of PHP injection. How PHP injection works.<\/h2>\n<p>PHP injection takes advantage of the dynamic nature of PHP, which allows code to be executed at runtime. The PHP injection process can be broken down into the following steps:<\/p>\n<ol>\n<li>\n<p><strong>User input:<\/strong><\/p>\n<ul>\n<li>The attacker identifies a point in the web application where user input is processed without adequate validation.<\/li>\n<li>Common entry points include web forms, URL parameters, HTTP headers and cookies.<\/li>\n<\/ul>\n<\/li>\n<li>\n<p><strong>Malicious payload:<\/strong><\/p>\n<ul>\n<li>The attacker crafts a malicious payload containing the PHP code they want to execute on the server.<\/li>\n<li>The payload may be encoded or obfuscated to evade detection.<\/li>\n<\/ul>\n<\/li>\n<li>\n<p><strong>Code execution:<\/strong><\/p>\n<ul>\n<li>The crafted payload is submitted to the vulnerable entry point.<\/li>\n<li>The server treats the injected code as legitimate PHP code and executes it at runtime.<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n<h2>Analysis of the key features of PHP injection.<\/h2>\n<p>PHP injection has several key features that make it a significant threat to web applications:<\/p>\n<ol>\n<li>\n<p><strong>Remote code execution:<\/strong> PHP injection allows an attacker to execute arbitrary PHP code remotely, enabling them to take control of the application server.<\/p>\n<\/li>\n<li>\n<p><strong>Data manipulation:<\/strong> An attacker can manipulate, read or delete data stored in the application's database, potentially leading to a data breach or the loss of sensitive information.<\/p>\n<\/li>\n<li>\n<p><strong>Application compromise:<\/strong> Successful PHP injection can lead to complete compromise of the application, giving the attacker unauthorized access and the ability to carry out a wide range of malicious activities.<\/p>\n<\/li>\n<li>\n<p><strong>Cross-site scripting (XSS) vector:<\/strong> PHP injection can serve as a vector for cross-site scripting attacks when the injected code is reflected back to other users.<\/p>\n<\/li>\n<\/ol>\n<h2>Types of PHP injection and examples:<\/h2>\n<p>There are several types of PHP injection, each with its own characteristics and exploitation methods. Below are some common types:<\/p>\n<table>\n<thead>\n<tr>\n<th>Type<\/th>\n<th>Description<\/th>\n<th>Example<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td><strong>GET\/POST parameter injection<\/strong><\/td>\n<td>Occurs when malicious PHP code is introduced into the application through GET or POST parameters.<\/td>\n<td><code data-no-translation=\"\">http:\/\/example.com\/page.php?id=1' UNION SELECT null, username, password FROM users--<\/code><\/td>\n<\/tr>\n<tr>\n<td><strong>SQL injection-based PHP injection<\/strong><\/td>\n<td>Occurs when an SQL injection vulnerability leads to the injection of PHP code.<\/td>\n<td><code data-no-translation=\"\">username=admin'; DELETE FROM users;--<\/code><\/td>\n<\/tr>\n<tr>\n<td><strong>Command injection<\/strong><\/td>\n<td>Involves executing arbitrary shell commands on the server through injected PHP code.<\/td>\n<td><code data-no-translation=\"\">system('rm -rf \/');<\/code><\/td>\n<\/tr>\n<tr>\n<td><strong>File inclusion-based PHP injection<\/strong><\/td>\n<td>Involves exploiting file inclusion vulnerabilities to execute PHP code from external files.<\/td>\n<td><code data-no-translation=\"\">http:\/\/example.com\/page.php?file=evil.php<\/code><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h2>Ways to use PHP injection, and problems and solutions related to its use.<\/h2>\n<h3>Exploiting PHP injection:<\/h3>\n<ol>\n<li>\n<p><strong>Authentication bypass:<\/strong> Attackers can inject PHP code to bypass login mechanisms, granting them unauthorized access to restricted areas.<\/p>\n<\/li>\n<li>\n<p><strong>Data theft:<\/strong> By exploiting PHP injection, an attacker can extract sensitive data from the application or a connected database.<\/p>\n<\/li>\n<li>\n<p><strong>Website defacement:<\/strong> Injected PHP code can modify the content of the website, changing its appearance or displaying inappropriate content.<\/p>\n<\/li>\n<\/ol>\n<h3>Problems and solutions:<\/h3>\n<ol>\n<li>\n<p><strong>Insufficient input validation:<\/strong> Implement strong input validation and filtering to prevent unauthorized characters from being processed.<\/p>\n<\/li>\n<li>\n<p><strong>Prepared statements:<\/strong> Use prepared statements or parameterized queries to avoid SQL injection, which can lead to PHP injection.<\/p>\n<\/li>\n<li>\n<p><strong>Output escaping:<\/strong> Always escape output before displaying it to users to prevent XSS and reduce the risk of PHP injection.<\/p>\n<\/li>\n<\/ol>\n<h2>Main characteristics and other comparisons with similar terms in the form of tables and lists.<\/h2>\n<table>\n<thead>\n<tr>\n<th>Characteristic<\/th>\n<th>PHP injection<\/th>\n<th>Cross-site scripting (XSS)<\/th>\n<th>SQL injection<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td><strong>Objective<\/strong><\/td>\n<td>Remote execution of PHP code<\/td>\n<td>Execution of client-side scripts in the user's browser<\/td>\n<td>Manipulation of SQL queries to the database<\/td>\n<\/tr>\n<tr>\n<td><strong>Affected component<\/strong><\/td>\n<td>Server-side PHP code<\/td>\n<td>Client-side JavaScript<\/td>\n<td>Database queries<\/td>\n<\/tr>\n<tr>\n<td><strong>Execution location<\/strong><\/td>\n<td>Server<\/td>\n<td>User's browser<\/td>\n<td>Server<\/td>\n<\/tr>\n<tr>\n<td><strong>Exploitation point<\/strong><\/td>\n<td>User input (GET\/POST)<\/td>\n<td>User input (e.g. forms)<\/td>\n<td>User input (e.g. forms)<\/td>\n<\/tr>\n<tr>\n<td><strong>Impact<\/strong><\/td>\n<td>Server compromise<\/td>\n<td>Exposure of user data<\/td>\n<td>Database manipulation<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h2>Perspectives and technologies of the future related to PHP injection.<\/h2>\n<p>As technology advances, so do the techniques used to exploit vulnerabilities such as PHP injection. To counter this threat, developers and security professionals must remain vigilant and adopt best practices:<\/p>\n<ol>\n<li>\n<p><strong>Automated code analysis:<\/strong> Using automated tools to analyze code can help identify potential vulnerabilities, including PHP injection.<\/p>\n<\/li>\n<li>\n<p><strong>Security audits and penetration testing:<\/strong> Regular security audits and penetration tests can uncover weaknesses in web applications, allowing proactive measures to be taken.<\/p>\n<\/li>\n<li>\n<p><strong>Secure development frameworks:<\/strong> Using secure development frameworks that incorporate built-in security features can help reduce the risk of PHP injection.<\/p>\n<\/li>\n<\/ol>\n<h2>How proxy servers can be used or associated with PHP injection.<\/h2>\n<p>Proxy servers act as intermediaries between clients and servers, providing an additional layer of anonymity and security for users. In the context of PHP injection, proxy servers can be both an enabler and an obstacle:<\/p>\n<ol>\n<li>\n<p><strong>Attacker anonymity:<\/strong> Attackers can use proxy servers to hide their real IP address while carrying out PHP injection attacks, making it harder to trace their location.<\/p>\n<\/li>\n<li>\n<p><strong>Security and monitoring:<\/strong> Website administrators can also use proxy servers to strengthen security by filtering and monitoring incoming traffic, potentially detecting and blocking PHP injection attempts.<\/p>\n<\/li>\n<\/ol>\n<h2>Related links<\/h2>\n<p>For more information about PHP injection and web application security, consider exploring the following resources:<\/p>\n<ol>\n<li><a href=\"https:\/\/owasp.org\/www-community\/attacks\/PHP_Injection\" target=\"_new\" rel=\"noopener nofollow\">OWASP PHP Security Cheat Sheet<\/a><\/li>\n<li><a href=\"https:\/\/www.php.net\/\" target=\"_new\" rel=\"noopener nofollow\">Official PHP website<\/a><\/li>\n<li><a href=\"https:\/\/www.acunetix.com\/blog\/articles\/understanding-php-injection\/\" target=\"_new\" rel=\"noopener nofollow\">Acunetix \u2013 Understanding PHP Injection<\/a><\/li>\n<li><a href=\"https:\/\/www.w3schools.com\/php\/\" target=\"_new\" rel=\"noopener nofollow\">W3Schools PHP Tutorial<\/a><\/li>\n<li><a href=\"https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/PHP\" target=\"_new\" rel=\"noopener nofollow\">Mozilla Developer Network PHP Guide<\/a><\/li>\n<\/ol>\n<p>Remember, staying informed and implementing secure coding practices is essential to protect web applications from PHP injection and other security threats.<\/p>","protected":false},
"featured_media":478429,"menu_order":0,"template":"","meta":{"_acf_changed":false,"content-type":"","inline_featured_image":false,"footnotes":""},"class_list":["post-478428","wiki","type-wiki","status-publish","has-post-thumbnail","hentry"],
"acf":{"faq_title":"Frequently Asked Questions about <mark>PHP Injection: A Comprehensive Overview<\/mark>","faq_items":[{"question":"What is PHP injection, and why is it a concern for web applications?","answer":"<p>PHP injection, also known as PHP code injection, is a security vulnerability that allows attackers to insert and execute arbitrary PHP code on a web application's server. It poses a serious threat as it can lead to unauthorized access, data theft, and even complete compromise of the application.<\/p>"},{"question":"How did PHP injection originate, and when was it first mentioned?","answer":"<p>PHP injection emerged in the early 2000s with the rise of PHP as a popular server-side scripting language. The first notable mention occurred around 2002 when security researchers discovered a vulnerability in PHP-Nuke, a widely-used content management system.<\/p>"},{"question":"What causes PHP injection, and how does it work internally?","answer":"<p>PHP injection occurs when web applications mishandle user input, especially when it lacks proper validation or sanitization. Attackers inject malicious PHP code through vulnerable entry points, and the server executes it as legitimate PHP code during runtime.<\/p>"},{"question":"What are the main characteristics of PHP injection, and how does it compare to XSS and SQL injection?","answer":"<p>PHP injection allows remote code execution on the server, impacting the application's integrity. In comparison, Cross-Site Scripting (XSS) executes scripts on users' browsers, and SQL injection manipulates database queries to extract data. Each poses unique risks and requires specific prevention measures.<\/p>"},{"question":"What types of PHP injection exist, and can you provide examples?","answer":"<p>Several types of PHP injection include GET\/POST Parameter Injection, SQL Injection-based PHP Injection, Command Injection, and File Inclusion-based PHP Injection. For example, an attacker might exploit a GET parameter to inject malicious SQL code and execute arbitrary commands on the server.<\/p>"},{"question":"How can PHP injection be used, and what are the associated problems and solutions?","answer":"<p>Attackers can use PHP injection to bypass authentication, steal data, and deface websites. To prevent PHP injection, developers should implement robust input validation, use prepared statements for database queries, and escape output before displaying it to users.<\/p>"},{"question":"What are the future perspectives and technologies related to PHP injection?","answer":"<p>As technology advances, automated code analysis, security audits, and secure development frameworks will play crucial roles in mitigating PHP injection risks and enhancing web application security.<\/p>"},{"question":"How are proxy servers related to PHP injection, and what role do they play?","answer":"<p>Proxy servers can both facilitate and hinder PHP injection. Attackers might use proxy servers to hide their identities during attacks, while website administrators can employ proxies to filter and monitor incoming traffic, detecting and blocking potential PHP injection attempts.<\/p>"}]},
"_links":{"self":[{"href":"https:\/\/oneproxy.pro\/vn\/wp-json\/wp\/v2\/wiki\/478428","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/oneproxy.pro\/vn\/wp-json\/wp\/v2\/wiki"}],"about":[{"href":"https:\/\/oneproxy.pro\/vn\/wp-json\/wp\/v2\/types\/wiki"}],"version-history":[{"count":0,"href":"https:\/\/oneproxy.pro\/vn\/wp-json\/wp\/v2\/wiki\/478428\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/oneproxy.pro\/vn\/wp-json\/wp\/v2\/media\/478429"}],"wp:attachment":[{"href":"https:\/\/oneproxy.pro\/vn\/wp-json\/wp\/v2\/media?parent=478428"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}