80 found nginx 0day vulnerability upload pictures can invade the 1 million server

top 80sec security team in the afternoon of 5.20 6 points issued a nginx vulnerability announcement, due to the existence of the vulnerability, the use of nginx+php to set up the website as long as it allows you to upload a picture can be hacked, until 5.21 am, nginx has not yet been released to repair the vulnerability patch; there have been some website was hacked administrator, speed



yes, once again, because there are loopholes in the nginx, these 1 million servers may be uploaded by the way the image is easily implanted Trojan hackers. The process of implanting a Trojan is also very simple, that is, the Trojan is uploaded to the picture upload, because the harm is very large, do not say details. Interested please visit http://s.www.80sec.com/nginx-securit.html

said so much, I would like everyone to 80sec this top security team is more curious about it, a brief introduction of vegetarian buns.


80sec team by a group of young, energetic, full of energy, full of passion and creativity of the unmarried male DOTA, they were engaged in information security in the major Internet Co, their slogan is know it then hack it, vegetarian dumplings very much agree with this view: "as long as we are very familiar with a thing, it is possible to objective to find the shortcomings of it, and we can find the advantages of things".

80sec means "80 port security", or "Web"; at the same time as the team members are 80 young people, we can also be understood as "80 security"; and because the SEC pronunciation is se Ke, we also can be understood as "80 color guest", "80. Guest" or "80 S guest", our understanding of 80sec is limited only by the imagination.

introduce their valiant record, they had found that IIS, IE, FireFox, Maxthon, PHPWind, DeDeCMS, window of the world, QQ mail, QuarkMail, EXTMail and other software vulnerabilities, visible fruits.


introduced the 80sec, will have to introduce another very dedicated WEB security top 80vul security team, the team is also composed of male shoes (80 90 said a lot of pressure: P), they also found a large number of security vulnerabilities WEB APP, such as IE, Gmail, WordPress, PHPWind, DISCUZ, MYBB etc..

see here, surely everyone a little regret, that is why there is no 80 female hacker (I’m not discrimination but I must not drag queen, drag queen), I have the same. "

0 thoughts on “80 found nginx 0day vulnerability upload pictures can invade the 1 million server”

Leave a Reply

Your email address will not be published. Required fields are marked *