Alex Posted July 15, 2006 Report Share Posted July 15, 2006 Modificatzi fisieru vulnerabil si introducetzi acest co intr-un loc gol: 1. <? if (isset ($pilih)) {include $pilih;} else {include "main.php";} ?> $pilih = $variable mail.php = some .php page 2. Securizatzi in Mambo: defined( '_VALID_MOS' ) or die( '5aa3b284dbb9a6c970f5d4f405d19c' ) _VALID_MOS = $variable Direct Access... = Your messegge 3. Securizare de PHPBB if ( !defined('IN_PHPBB') ) { die("You Are A LaMeR"); } IN_PHPBB = $variable You Are.... = you comment Alta secrizare: if (eregi ("http", $variable)){exit;} $variable = $variablee exit = exec mode Quote Link to comment Share on other sites More sharing options...
SpLo1T Posted August 5, 2006 Report Share Posted August 5, 2006 Alex poti posta un scanner de php ? Quote Link to comment Share on other sites More sharing options...
ghici Posted August 5, 2006 Report Share Posted August 5, 2006 acunetix Quote Link to comment Share on other sites More sharing options...
SpLo1T Posted August 7, 2006 Report Share Posted August 7, 2006 ghici sorry ma refeream la scanner de root ! Quote Link to comment Share on other sites More sharing options...
MostWanteD Posted August 21, 2006 Report Share Posted August 21, 2006 )))))) Quote Link to comment Share on other sites More sharing options...
dark Posted September 3, 2006 Report Share Posted September 3, 2006 chiar, mai bine ai explicat cum prinz un root cu php  si dupaia "Cum securizezi un root...prins la php...." Quote Link to comment Share on other sites More sharing options...
teh-method Posted May 9, 2007 Report Share Posted May 9, 2007 Well, exploituri pt. a obtine drept de root pe un php prins, aveti? Quote Link to comment Share on other sites More sharing options...
clawmvp Posted May 9, 2007 Report Share Posted May 9, 2007 Well, exploituri pt. a obtine drept de root pe un php prins, aveti? http://milw0rm.com/poate te ajuta Quote Link to comment Share on other sites More sharing options...
teh-method Posted May 9, 2007 Report Share Posted May 9, 2007 clawmvp said: teh-method said: Well, exploituri pt. a obtine drept de root pe un php prins, aveti? http://milw0rm.com/ poate te ajuta immm .. pe langa securitydot si packetstormsecurity, da! Apropo, poti fi mai precis in explicare securizarii? da un exemplu' cu vulnerabilitatea din smf.php Am reusit, dar se vede totu' alb .. vroiam sa scrie Patched! ;] Quote Link to comment Share on other sites More sharing options...