[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fsHZtdE9QkjnyD-QvW8ZAmRS7Z-6s7pXxHc0t31xsgtU":3},{"id":4,"source":5,"question":6,"options":7,"answer":12,"related":13,"type":24,"origin":111,"createTime":26},175109776,"v1","关于 PHP 文件包含利用方法,错误的是( )",[8,9,10,11],"远程文件包含需服务器开启 allow_url_fopen 配置","利用 php:\u002F\u002Finput 伪协议需开启 allow_url_include 配置","利用文件包含漏洞需被包含文件为.php 格式","文件包含漏洞常可以配合文件上传漏洞共同利用",[],[14,27,37,47,57,61,71,81,91,101],{"id":15,"source":5,"question":16,"options":17,"answer":22,"related":23,"type":24,"origin":25,"createTime":26},175109772,"IIS6.0文件解析漏洞可以使用以下哪个payload",[18,19,20,21],"test..asp","test.asp.jpg","test.asp;.jpg","test;asp;jpg",[],[],0,null,"2024-12-30T09:20:20+08:00",{"id":28,"source":5,"question":29,"options":30,"answer":35,"related":36,"type":24,"origin":25,"createTime":26},175109773,"如果需要进行远程文件包含, 则PHP需要开启什么参数",[31,32,33,34],"allw_url_fopen","allw_url_include","allw_path_fopen","allw_path_include",[],[],{"id":38,"source":5,"question":39,"options":40,"answer":45,"related":46,"type":24,"origin":25,"createTime":26},175109774,"如何防御包含漏洞,以下说法错误的是",[41,42,43,44],"避免由外界制定文件名","文件名中要包含目录名","限制包含的文件范围","对于远程文件包含,设置php.ini配置文件中allow_url_include = off",[],[],{"id":48,"source":5,"question":49,"options":50,"answer":55,"related":56,"type":24,"origin":25,"createTime":26},175109775,"关于 PHP 文件包含函数描述错误的是( )",[51,52,53,54],"include()函数找不到被包含文件时会产生警告,并停止脚本","require()函数找不到被包含文件时会产生致命错误,并停止脚本","include_once()函数如果文件代码已经被包含则不会再次包含","require_once()函数如果文件代码已经被包含则不会再次包含",[],[],{"id":4,"source":5,"question":6,"options":58,"answer":59,"related":60,"type":24,"origin":25,"createTime":26},[8,9,10,11],[],[],{"id":62,"source":5,"question":63,"options":64,"answer":69,"related":70,"type":24,"origin":25,"createTime":26},175109777,"文件包含漏洞的一般特征不包含",[65,66,67,68],"?page=a.php","?home=a.html","?file=content","?id=1'",[],[],{"id":72,"source":5,"question":73,"options":74,"answer":79,"related":80,"type":24,"origin":25,"createTime":26},175109778,"关于文件包含漏洞,以下说法中不正确的是",[75,76,77,78],"文件包含漏洞在PHP Web Application中居多,而在JSP、ASP、ASP.NET程序中却非常少,这是因为有些语言设计的弊端","渗透网站时,若当找不到上传点,并且也没有url_allow_include功能时,可以考虑包含服务器的日志文件","文件包含漏洞只在PHP中经常出现,在其他语言不存在","文件包含漏洞,分为本地包含,和远程包含",[],[],{"id":82,"source":5,"question":83,"options":84,"answer":89,"related":90,"type":24,"origin":25,"createTime":26},175109779,"已知上级目录下的db目录包含敏感文件db.rar, 以下哪个请求可以下载到该文件( )",[85,86,87,88],"?download=db.rar","?download=..\u002Fdb\u002Fdb.rar","?download=db\u002Fdb.rar","?download=.\u002Fdb\u002Fdb.rar",[],[],{"id":92,"source":5,"question":93,"options":94,"answer":99,"related":100,"type":24,"origin":25,"createTime":26},175109780,"PHP中常见文件包含的函数有include() , include_once() , require_once(),require ()等,以下说法错误的是",[95,96,97,98],"require():只要程序一运行就包含文件,找不到被包含的文件时会产生致命错误,并停止脚本","include():执行到include时才包含文件,找不到被包含文件时只会产生警告,脚本将继续执行","require_once():若文件中代码已被包含则不会再次包含","include_once():若文件中代码已被包含还会再次包含",[],[],{"id":102,"source":5,"question":103,"options":104,"answer":109,"related":110,"type":24,"origin":25,"createTime":26},175109781,"下列哪条是产生文件包含漏洞的原因",[105,106,107,108],"文件来源过滤不严并用户可用","管理员管理不善","用户输入恶意代码","服务器漏洞",[],[],{"courseName":112,"courseImg":113,"workName":114,"workId":115,"count":116,"courseId":117},"Web应用安全与管理","https:\u002F\u002Ftihai-oss-cloud.itihey.com\u002Fimg\u002F74c7ed2253aab3d2be46307269c18ec2.jpg","24年秋季学期期末复习题1(理论题部分)","work_39813381",181,"2bb54463126dcc203f1c6f847e2e1c60"]