[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] flaw in php_exec_dir patch

Dude do you even know what php_exec_dir patch is, its a patch so you dont have to turn safe mode on, which disables a bunch of shit that you need, so the patch was a work around simply stop you executing programs.

heres a hint, learn about the product b4 you spam a mailing list, i see 5 posts from you asking the exact same question 2 hrs apart from each other you think you could've googled in that time or perhaps fixed your mail queue?

either or, stop being so fucking lazy.


----- Original Message ----- From: "npguy" <npguy@xxxxxxxxxxxxxxxx>
To: "VeNoMouS" <venom@xxxxxxxxxxx>; <full-disclosure@xxxxxxxxxxxxxxxx>
Sent: Friday, June 25, 2004 2:47 AM
Subject: Re: [Full-Disclosure] flaw in php_exec_dir patch


is your safe mode on? .. whats ur platorm.
give more details!

On Wednesday 23 June 2004 07:05 am, VeNoMouS wrote:
Found a issue last night while testing php_exec_dir patch

if you do the following

$blah=`ps aux`;
echo nl2br($blah);

php_exec_dir will block the call if you have set the exec_dir parm in php
or apache

anyway.... if you do this

$blah=`;ps aux`;
echo nl2br($blah);

it bypasses the exec block and excutes the ps due to the ';', as bash
interrupts ';' as a new cmd, ive emailed the author but no response.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html