| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: dhill+fulldisc at cricalix.net (Duncan Hill) Subject: VERY HIGH VULNERABILITY DISCLOSURE !!! MASS ROOT POSSIBLE !!! PLEASE BE ATTENTIVE !!! On Saturday 03 July 2004 05:40, Frog M@n wrote: > This is IHCTEAM material. We fuck blackhats and we own the planet. > This is a leet advisory, s0 l33t. Just read it and be quiet. > There is a BIGBUG in all php versions, in the include() function. > If this function is badly used, a roxor hax0r (like us) can compromise > a box remotely. He can execute commands with apache rights. > > Example: > > www.fuck-teso.com/index.php?page=whitehats.php > > index.php: > ... > include($page); // <--- fucking lame php.ini register_globals = off and/or allow_url_fopen = false For php versions < 4.0.4, compile with --disable-url-fopen-wrapper Basic comprehension skills, and a quick check of the PHP manual tells you all you need to know. The PHP folks have advocated for over a year to disable register_globals and use the super globals instead. Using include or require with a variable that the user can supply is just poor coding, not a bug in the language.
Powered by blists - more mailing lists