lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <200406261415.41750.npguy@websurfer.com.np>
From: npguy at websurfer.com.np (npguy)
Subject: flaw in php_exec_dir patch

hi venom, 

which patch are u talking .. 
well did u ever try 

http://www.google.com/search?q=php_exec_dir+site:www.php.net&l=en

there are quite a few entry which tells nothing except similar to ur post
well give a try in php-internals archive. u just get nothing. actually which 
patch are u talking about. it was never issued officially and was not  around
in the communities. you are talking about some unkown directives that was 
never intend to be used.  people often make a use of apache directives to 
allow non-safe mode to their trusted scripts, that is what i see a good 
solution for the time being. anyway if its a cool patch i am interested! give 
me some references. 

> heres a hint, learn about the product b4 you spam a mailing list, i see 5
> posts from you asking the exact same question 2 hrs apart from each other

well i never posted and saw it in the list u might be wrong. 
actually there were some postings about this patches existence. did u check 
that.

On Saturday 26 June 2004 07:19 am, VeNoMouS wrote:
> Dude do you even know what php_exec_dir patch is, its a patch so you dont
> have to turn safe mode on, which disables a bunch of shit that you need, so
> the patch was a work around simply stop you executing programs.
>
> heres a hint, learn about the product b4 you spam a mailing list, i see 5
> posts from you asking the exact same question 2 hrs apart from each other
> you think you could've googled in that time or perhaps fixed your mail
> queue?
>
> either or, stop being so fucking lazy.
>
>
> ----- Original Message -----
> From: "npguy" <npguy@...surfer.com.np>
> To: "VeNoMouS" <venom@...-x.co.nz>; <full-disclosure@...ts.netsys.com>
> Sent: Friday, June 25, 2004 2:47 AM
> Subject: Re: [Full-Disclosure] flaw in php_exec_dir patch
>
> > is your safe mode on? .. whats ur platorm.
> > give more details!
> >
> > On Wednesday 23 June 2004 07:05 am, VeNoMouS wrote:
> >> Found a issue last night while testing php_exec_dir patch
> >>
> >> if you do the following
> >>
> >> $blah=`ps aux`;
> >> echo nl2br($blah);
> >>
> >> php_exec_dir will block the call if you have set the exec_dir parm in
> >> php or apache
> >>
> >> anyway.... if you do this
> >>
> >> $blah=`;ps aux`;
> >> echo nl2br($blah);
> >>
> >> it bypasses the exec block and excutes the ps due to the ';', as bash
> >> interrupts ';' as a new cmd, ive emailed the author but no response.
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.netsys.com/full-disclosure-charter.html
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ