Hacking and more...
Hacking and more... / Deface / I need a helping hand with a deface. Moderated by Shocker
hackcrack
Little Kevin

Registered: 16 years ago
Posts: 98
I scanned the page in question with ACUNETIX, which seems to me a very good tool when it comes to finding vulnerabilities, and it shows me 3 very serious vulnerabilities and 2 medium ones. One of the more serious ones is denial of service (DoS); I am copying exactly what it tells me:

Stefan Esser reported some vulnerabilities in PHP, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. The vulnerabilities are caused due to boundary errors within the "htmlentities()" and "htmlspecialchars()" functions. If a PHP application uses these functions to process user-supplied input, this can be exploited to cause a heap-based buffer overflow by passing specially crafted data to the affected application. Successful exploitation may allow execution of arbitrary code, but requires that the UTF-8 character set is selected. For a detailed explanation of the vulnerability read the referenced article.
Vendor has released PHP 5.2.0 which fixes this issue.


How can I take advantage of the "htmlentities()", "htmlspecialchars()" error?
And one more thing: I don't understand what it means by "UTF-8".

Awaiting opinions


_______________________________________


posted 16 years ago
   
tot_Zeu
Visitor



UTF-8 is the character encoding.
"htmlentities()", "htmlspecialchars()" are not errors but functions.... you have to look for an exploit that writes more data into the memory buffer than is provided for, which would lead to the script's execution stopping.


posted 16 years ago
   
hackcrack
Little Kevin

Registered: 16 years ago
Posts: 98
thanks a lot tot_Zeu

_______________________________________


posted 16 years ago
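The defender's side of the scanner finding quoted in the first post, as an added example that is not part of the thread: a Python triage that lists `htmlentities()` / `htmlspecialchars()` calls passing an explicit UTF-8 charset when the server's PHP version is below the 5.2.0 fix named in that text. The function names, the constructed sample source and the treatment of every version below 5.2.0 as unpatched are assumptions.

```python
import re

FIXED_IN = (5, 2, 0)  # per the scanner text quoted in the first post
CALL = re.compile(r"\b(htmlentities|htmlspecialchars)\s*\(", re.IGNORECASE)
UTF8_ARG = re.compile(r"""["']utf-?8["']""", re.IGNORECASE)

def parse_version(text):
    """'5.1.6-pl1' -> (5, 1, 6); raise on anything that is not x.y.z."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", text.strip())
    if not m:
        raise ValueError("unrecognised PHP version: %r" % text)
    return tuple(int(part) for part in m.groups())

def argument_text(source, open_paren):
    """Text between the '(' at source[open_paren] and its matching ')'.
    Simplification: parentheses inside string literals are not skipped."""
    depth = 0
    for i in range(open_paren, len(source)):
        if source[i] == "(":
            depth += 1
        elif source[i] == ")":
            depth -= 1
            if depth == 0:
                return source[open_paren + 1:i]
    return source[open_paren + 1:]  # unbalanced: take the rest

def triage(php_version, source):
    """Return (line, function) for each call to review on this version."""
    if parse_version(php_version) >= FIXED_IN:
        return []
    findings = []
    for m in CALL.finditer(source):
        args = argument_text(source, m.end() - 1)
        if UTF8_ARG.search(args):  # advisory: UTF-8 must be selected
            line = source.count("\n", 0, m.start()) + 1
            findings.append((line, m.group(1).lower()))
    return findings

# Constructed sample, not taken from any real application.
SAMPLE = """<?php
echo htmlspecialchars($_GET['q'], ENT_QUOTES, 'UTF-8');
echo htmlentities(trim($name));
echo htmlentities($_POST['bio'], ENT_COMPAT, "utf-8");
"""

if __name__ == "__main__":
    for line, func in triage("5.1.6", SAMPLE):
        print("line %d: %s() with UTF-8 on unpatched PHP" % (line, func))
```

An empty result on an old version only means no explicit UTF-8 argument was found in the scanned source; upgrading to the fixed release remains the remedy the scanner text gives.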
   