Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: VERY HIGH VULNERABILITY DISCLOSURE !!! MASS ROOT POSSIBLE !!! PLEASE BE ATTENTIVE !!!
From: Rudolf Polzer <divzero () gmail com>
Date: Sat, 3 Jul 2004 18:19:59 +0200

On Sat, 3 Jul 2004 06:40:55 +0200, Frog M () n <frogman () bonbon net> wrote:
This is IHCTEAM material. We fuck blackhats and we own the planet.
This is a leet advisory, s0 l33t. Just read it and be quiet.

Not at all. But it's always good to mention the Nr. 1 security
nightmare people produce with scripting language. Good job.

There is a BIGBUG in all php versions, in the include() function.
If this function is badly used, a roxor hax0r (like us) can compromise
a box remotely. He can execute commands with apache rights.

If it's badly used, the author of the script should get another job.

index.php:
...
include($page); // <--- fucking lame
...

Just because many PHP programmers are fucking idiots you cannot blame
that on PHP.

<?
system("$cmd");
?>

So your next advisory will be about a BIGBUG in system() - when badly
used, an attacker can execute arbitrary code on your webserver?

We all already know that. Really.

Don't use the include() function, it is coded by idiots, like THEO () openbsd 

No. Do not use the include() function with unchecked untrusted input,
for it will do what the documentation says.

We owned everything and everywhere with this exploit:
www.apache.org
www.debian.org
www.nasa.gov

If that is true (proof?), it should appear in the news soon.

WE ARE LOOKING FOR A JOB IN THE SECURITY RESEARCH

lol, after THIS el-cheapo "security advisory"? Get a life. Find a real bug.


--
< polzer> besonders krank ist jedoch Kenny nach einer Basistransformation...
< polzer> Zcssczcssszszsz cscccczzzzzz zcszzc ccczsczcs.
< polzer> (ROT13)^{-1} Kenny ROT13
< polzer> .oO( fpbecker sucht das inverse Programm zu ROT13 )

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault