Jump to content
Alex

Cum securizezi un root...prins la php....

Recommended Posts

Modificatzi fisieru vulnerabil si introducetzi acest co intr-un loc gol:

1.

 
<?

if (isset ($pilih)) {include $pilih;}

else {include "main.php";}

?>

$pilih = $variable

mail.php = some .php page

2. Securizatzi in Mambo:

 
defined( '_VALID_MOS' ) or die( '5aa3b284dbb9a6c970f5d4f405d19c' )

_VALID_MOS = $variable

Direct Access... = Your messegge

3. Securizare de PHPBB

 
if ( !defined('IN_PHPBB') ) { die("You Are A LaMeR"); }

IN_PHPBB = $variable

You Are.... = you comment

Alta secrizare:

 
if (eregi ("http", $variable)){exit;}

$variable = $variablee

exit = exec mode

Link to comment
Share on other sites

clawmvp said:
teh-method said:
Well, exploituri pt. a obtine drept de root pe un php prins, aveti? :lol:

http://milw0rm.com/

poate te ajuta

immm .. pe langa securitydot si packetstormsecurity, da! :lol: Apropo, poti fi mai precis in explicare securizarii? da un exemplu' cu vulnerabilitatea din smf.php :D Am reusit, dar se vede totu' alb .. vroiam sa scrie Patched! ;]

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...