|
Full Disclosure
mailing list archives
Re: SANS PHP Port Scanner Remote Code Execution
From: Fayyaz Ali <anees042 () gmail com>
Date: Wed, 6 Mar 2013 06:02:29 +0400
$host = $_POST['ip'];
system("ping $host");
On Wed, Mar 6, 2013 at 5:46 AM, laurent gaffie <laurent.gaffie () gmail com>wrote:
http://resources.infosecinstitute.com/php-build-your-own-mini-port-scanner/
Finding the vulnerability in this code is left as an exercise to the
reader.
PS: "*Your comment will be awaiting moderation forever."*
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
(Thread continues...)
| 
