Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: SANS PHP Port Scanner Remote Code Execution
From: Fayyaz Ali <anees042 () gmail com>
Date: Wed, 6 Mar 2013 06:02:29 +0400

$host = $_POST['ip'];
system("ping $host");


On Wed, Mar 6, 2013 at 5:46 AM, laurent gaffie <laurent.gaffie () gmail com>wrote:

http://resources.infosecinstitute.com/php-build-your-own-mini-port-scanner/

Finding the vulnerability in this code is left as an exercise to the
reader.

PS: "*Your comment will be awaiting moderation forever."*

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]