[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] SANS PHP Port Scanner Remote Code Execution
- To: laurent gaffie <laurent.gaffie@xxxxxxxxx>
- Subject: Re: [Full-disclosure] SANS PHP Port Scanner Remote Code Execution
- From: Fayyaz Ali <anees042@xxxxxxxxx>
- Date: Wed, 6 Mar 2013 06:02:29 +0400
$host = $_POST['ip'];
system("ping $host");
On Wed, Mar 6, 2013 at 5:46 AM, laurent gaffie <laurent.gaffie@xxxxxxxxx>wrote:
> http://resources.infosecinstitute.com/php-build-your-own-mini-port-scanner/
>
> Finding the vulnerability in this code is left as an exercise to the
> reader.
>
> PS: "*Your comment will be awaiting moderation forever."*
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/