|
|
|
|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 47
Members: 0
Total: 47
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
PHP backdoor |
|
Posted: Wed May 13, 2009 10:59 pm |
|
|
access101 |
Regular user |
|
|
Joined: Apr 29, 2009 |
Posts: 21 |
|
|
|
|
|
|
|
is there a PHP trojan/backdoor?
im trying to upload a php file as a image to a forum
here are the details
-------------------------------------------------------------------
Many forums/sites, give the possiblilty of an avatar or picture to upload. there are only jpg. the null byte exploit makes if possilbe to php files to forum.
--------------------------
%00
--------------------------
%00 is the hexdecimal value for null. paste this in your broswer
http://www.google.nl/search?hl=nl&q=ho% 00i
If youre in the search bar look, you see that there is 'ho' is sought. the i is not shown because 00% repersents.
what if we %00 once a file set?
example: C:\exploits\c99.php%00.jpg
the operating system of the website will upload c99.php now because 00%, but the server sees the jpg extension, and thinks that it is a image.
results: an uploaded php file only jpg is allowed
------------------------------------------------------------------------ |
|
|
|
|
|
|
|
|
Posted: Thu May 14, 2009 1:42 am |
|
|
access101 |
Regular user |
|
|
Joined: Apr 29, 2009 |
Posts: 21 |
|
|
|
|
|
|
|
|
|
|
|
Posted: Fri May 15, 2009 2:35 am |
|
|
access101 |
Regular user |
|
|
Joined: Apr 29, 2009 |
Posts: 21 |
|
|
|
|
|
|
|
|
|
|
|
www.waraxe.us Forum Index -> Php
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|