Bugtraq: Re: [PHP Bug] How to hide a HTTP request in the apache logs

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: [PHP Bug] How to hide a HTTP request in the apache logs

From: Max Valdez <maxvalde () fis unam mx>
Date: Mon, 9 Aug 2004 16:14:29 -0500

works on Apache/2.0.50 PHP 4.3.8
over gentoo.

The subject is a little bit missleading, because the user has to be able to 
insert the code under documento root. Cant see any security concern on that 
code with social engeniering not involved.

Max

-- 
Linux garaged 2.6.7-rc3-mm2 #2 Sat Jun 19 15:43:32 CDT 2004 i686 Intel(R) 
Pentium(R) 4 CPU 2.80GHz GenuineIntel GNU/Linux
-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GS/S d- s: a-29 C++(+++) ULAHI+++ P+ L++>+++ E--- W++ N* o-- K- w++++ O- M-- 
V-- PS+ PE Y-- PGP++ t- 5- X+ R tv++ b+ DI+++ D- G++ e++ h+ r+ z**
------END GEEK CODE BLOCK------
gpg-key: http://garaged.homeip.net/gpg-key.txt

By Date By Thread

Current thread:

[PHP Bug] How to hide a HTTP request in the apache logs Anthony Debhian (Aug 07)
- Re: [PHP Bug] How to hide a HTTP request in the apache logs Steve Brown (Aug 09)
- Re: [PHP Bug] How to hide a HTTP request in the apache logs Max Valdez (Aug 09)