Spring Security app deployed on AWS: ThinkPHP request


Problem description

I have a Spring Boot app running on AWS. From time to time I see a log that pops out saying and mentioning ThinkPHP?

java.lang.IllegalArgumentException: Invalid character found in the request target [/index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21]. 
The valid characters are defined in RFC 7230 and RFC 3986.
at org.apache.coyote.http11.Http11InputBuffer.parseRequestLine(Http11InputBuffer.java:491) ~[tomcat-embed-core-9.0.36.jar!/:9.0.36]

And the following:

org.springframework.security.web.firewall.RequestRejectedException: The request was rejected because the URL contained a potentially malicious String ";"
at org.springframework.security.web.firewall.StrictHttpFirewall.rejectedBlacklistedUrls(StrictHttpFirewall.java:369) ~[spring-security-web-5.3.3.RELEASE.jar!/:5.3.3.RELEASE]

Is this a reason for concern or what's happening? There's generally no traffic happening at all - no requests incoming to the server, yet this pops out.

Recommended answer

ThinkPHP is a web application development framework which has had various vulnerabilities over the years.

Your application is the target of spray and pray vulnerability scanners. You may find web server or application log entries with requests such as the following:

"GET /index.php?s=/Index/\x5Cthink\x5Capp/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1"

As to whether you should be worried or not: it's really a question of what you are running and how well you are keeping up to date with your specific security requirements. Automated scanners are unlikely to find vulnerabilities for software you don't run.
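One way to triage this kind of noise, as an added example that is not part of the answer above: a small log scanner that recognises the ThinkPHP invokefunction probe quoted in the question in three places it can surface (Tomcat access log, Tomcat's IllegalArgumentException, Spring's StrictHttpFirewall rejection) and counts hits per source IP. The sample lines are constructed; the access-log layout is assumed to be the common format, and the \x5C un-escaping mirrors the quoted access-log entry.

```python
import re
from collections import Counter

# Constructed sample log (not real traffic): two access-log entries carrying the probe quoted in the
# question, one benign request, and the two exception lines the question shows.
SAMPLE_LOG = r"""
203.0.113.7 - - [10/Jul/2020:03:14:07 +0000] "GET /index.php?s=/Index/\x5Cthink\x5Capp/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1" 400 -
203.0.113.7 - - [10/Jul/2020:03:14:08 +0000] "GET /actuator/health HTTP/1.1" 200 15
198.51.100.2 - - [10/Jul/2020:03:20:41 +0000] "GET /index.php?s=/Index/\x5Cthink\x5Capp/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1" 400 -
org.springframework.security.web.firewall.RequestRejectedException: The request was rejected because the URL contained a potentially malicious String ";"
java.lang.IllegalArgumentException: Invalid character found in the request target [/index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21]. The valid characters are defined in RFC 7230 and RFC 3986.
"""

# Assumed common access-log layout: ip ident user [time] "METHOD target HTTP/x" status size
ACCESS_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})')
# Signature of the probe from the question, matched after un-escaping so raw and access-log forms both hit.
THINKPHP_PROBE_RE = re.compile(r'/index\.php\?s=/index/\\think\\app/invokefunction&function=call_user_func_array', re.IGNORECASE)
TOMCAT_TARGET_RE = re.compile(r'Invalid character found in the request target \[(.*)\]\.')
SPRING_FIREWALL_REJECT = 'org.springframework.security.web.firewall.RequestRejectedException'

def normalize_target(target):
    # The access log in the question writes a literal backslash as \x5C; undo that before matching.
    return target.replace(r'\x5C', '\\')

def classify(line):
    """Return (category, source_ip) for a noteworthy line, or None for ordinary traffic."""
    m = ACCESS_RE.match(line)
    if m:
        if THINKPHP_PROBE_RE.search(normalize_target(m.group('target'))):
            return ('thinkphp_probe', m.group('ip'))
        return None
    if SPRING_FIREWALL_REJECT in line:
        return ('spring_firewall_reject', None)   # StrictHttpFirewall already blocked it
    t = TOMCAT_TARGET_RE.search(line)
    if t:                                         # Tomcat rejected the request line before Spring saw it
        if THINKPHP_PROBE_RE.search(normalize_target(t.group(1))):
            return ('thinkphp_probe', None)
        return ('tomcat_invalid_target', None)
    return None

def summarize(log_text):
    """Count categories, and source IPs where the line carries one, across a whole log."""
    counts, sources = Counter(), Counter()
    for category, ip in filter(None, map(classify, log_text.splitlines())):
        counts[category] += 1
        if ip:
            sources[ip] += 1
    return counts, sources

if __name__ == '__main__':
    counts, sources = summarize(SAMPLE_LOG)
    print(dict(counts), dict(sources))
```

Sources that only ever send probes for software you do not run are scanner noise; a source that also sends requests matching your real routes is worth a closer look.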
