support ssi with apache2

SouthWind0 · Jan 20, 2019 · 9959a00 · 9959a00
1 parent f51ad39
commit 9959a00
Show file tree

Hide file tree

Showing 3 changed files with 32 additions and 0 deletions.
diff --git a/base/httpd/2.4/with-ssi/Dockerfile b/base/httpd/2.4/with-ssi/Dockerfile
@@ -0,0 +1,8 @@
+FROM php:7.1-apache
+
+LABEL maintainer="phithon <[email protected]>"
+
+RUN set -ex \
+    && a2enmod include cgid \
+    && sed -i 's/Options -Indexes/Options -Indexes +Includes/' /etc/apache2/conf-enabled/docker-php.conf
+
diff --git a/httpd/ssi-rce/docker-compose.yml b/httpd/ssi-rce/docker-compose.yml
@@ -0,0 +1,8 @@
+version: '2'
+services:
+ apache:
+   image: vulhub/php:7.1-with-ssi
+   ports:
+    - "8080:80"
+   volumes:
+    - ./upload.php:/var/www/html/upload.php
diff --git a/httpd/ssi-rce/upload.php b/httpd/ssi-rce/upload.php
@@ -0,0 +1,16 @@
+<?php
+if (!empty($_FILES)):
+$ext = pathinfo($_FILES['file_upload']['name'], PATHINFO_EXTENSION);
+if (in_array($ext, ['php'])) {
+    die('Unsupported filetype uploaded.');
+}
+
+move_uploaded_file($_FILES['file_upload']['tmp_name'], './' . $_FILES['file_upload']['name']);
+echo "<a href='/{$_FILES['file_upload']['name']}'>{$_FILES['file_upload']['name']}</a>";
+
+endif;
+?>
+<form method="post" enctype="multipart/form-data">
+    File: <input type="file" name="file_upload">
+    <input type="submit">
+</form>