Hacking and more...
HaCkinG CulT 		Lista Forumurilor Pe Tematici
Hacking and more... | Reguli | Inregistrare | Login

POZE HACKING AND MORE...

Nu sunteti logat. 		Nou pe simpatie:
sexy_andrea2006 pe Simpatie.ro
Femeie
22 ani
Sibiu
cauta Barbat
22 - 48 ani
Hacking and more... / S.O.S. / shell in phpBB Moderat de Shocker
Autor
Mesaj Pagini: 1
hfhun
Elite Member

Inregistrat: acum 18 ani
Postari: 593
cum se uploadeaza un shell prin avatar? stiu ca era un exploit.

_______________________________________
"Yes, I am a criminal. My crime is that of curiosity. My crime is that of judging people by what they say and think, not what they look like. My crime is that of outsmarting you, something that you will never forgive me for." - The Mentor - The hacker's manifesto
pus acum 18 ani
   
Shocker
Super Moderator

Din: localhost
Inregistrat: acum 18 ani
Postari: 2084
Pai poti cu null byte.

Dai sa uploadezi la avatar un fisier .php [sau cum e shellu] si mai adaugi acolo %00.jpg

El cand analizeaza sa vada daca e sau nu .jpg, vede ca se termina in .jpg pathul catre imagine si crede ca totul e OK. Dar functia care uploadeaza fisierul, citeste doar pana la %00 [caracterul 0 care semnifica sfarsit de string], deci uploadeaza c:blablablabla.php [tu ai scris c:blablablabla.php%00.jpg]

_______________________________________
ShockingSoft is back
Freakz only
Comics of the day
pus acum 18 ani
   
hfhun
Elite Member

Inregistrat: acum 18 ani
Postari: 593
ms mult shocker. si merge pe orice versiune de phpBB care nu este securizata? pe phpBB 2.0.21 sau care e ultimul, mai merge?

_______________________________________
"Yes, I am a criminal. My crime is that of curiosity. My crime is that of judging people by what they say and think, not what they look like. My crime is that of outsmarting you, something that you will never forgive me for." - The Mentor - The hacker's manifesto
pus acum 18 ani
   
Shocker
Super Moderator

Din: localhost
Inregistrat: acum 18 ani
Postari: 2084
Asta nu stiu, deoarece nu am incercat niciodata... stiu doar teoria [atat ma intereseaza ]

Anyway... pe noul forum care e 2.0.21 nu merge [am mai facut si eu mici modificari pe la securitate]

_______________________________________
ShockingSoft is back
Freakz only
Comics of the day
pus acum 18 ani
   
Pagini: 1  

Mergi la