| Author |
Exploiting eval() |
nights_shadow
Member
Posts: 856
Location: /var/log/messages
Joined: 30.12.04
Rank: God |
|
In this video i exploit the eval() function to run commands/php on a webhosting company.
I finally got a new video maker, so this file is small!
http://4filehosting.com/file/21117/eval-swf.html
 |
  
|
| Author |
RE: Exploiting eval() |
SySTeM
-=[TheOutlaw]=-
Posts: 1524
Location: England, UK
Joined: 27.07.05
Rank: The Overlord |
|
[edit]Nevermind, I watched the video. I thought you meant you actually exploited the php function eval, now I realize you just exploited it on someones site, my bad xD[/edit]
Edited by SySTeM on 15-06-07 21:53 |
|
|
| Author |
RE: Exploiting eval() |
only_samurai
[IRC Rockstar]
Posts: 984
Location: idling in some random irc channel
Joined: 18.08.06
Rank: .|unranked|. |
|
nice demo tho 
The problem with a fool-proof system, is eliminating the fool.
"His name is Cereal Killer...Like Fruitloops." If you cut me, I bleed binary.
http://blog.psych0tik.net/ |
|
|
| Author |
RE: Exploiting eval() |
mozzer
Member
Posts: 339
Location: Password Land
Joined: 21.01.06
Rank: God |
|
As far as I'm concerned, you should never use eval
"If eval() is the answer, then you're asking the wrong question"
- Sara Goleman (afaik)
I will be back |
|
|
| Author |
RE: Exploiting eval() |
bigggnick
Member
Posts: 588
Location: the moon
Joined: 25.08.05
Rank: God |
|
nice vid 
fuck this. |
|
|
| Author |
RE: Exploiting eval() |
SySTeM
-=[TheOutlaw]=-
Posts: 1524
Location: England, UK
Joined: 27.07.05
Rank: The Overlord |
|
|
mozzer wrote:
As far as I'm concerned, you should never use eval
"If eval() is the answer, then you're asking the wrong question"
- Sara Goleman (afaik)
Agreed, eval ftl
|
|
|
| Author |
RE: Exploiting eval() |
mozzer
Member
Posts: 339
Location: Password Land
Joined: 21.01.06
Rank: God |
|
V. True...
Also, use of backticks when not necessary!
eg
`mkdir lal`
rather than
mkdir ('lal' ;
I will be back |
|
|
| Author |
RE: Exploiting eval() |
lesserlightsofheaven
Member
Posts: 723
Location: EAX
Joined: 02.11.06
Rank: God
Warn Level: 30
|
|
I dig this even more then the CSRF one, excellent work!
Keep 'em coming.
"'Following a telephone line north, I have come upon some wonderful places,' continued the repairman. 'Swamps where cedars grow and turtles wait on logs but not for anything in particular; fields bordered by crooked fences broken by years of standing still; orchards so old they have forgotten where the farmhouse is. In the north I have eaten my lunch in pastures rank with ferns and junipers, all under fair skies with a wind blowing. My business has taken me into spruce woods on winter nights where the snow lay deep and soft, a perfect place for a carnival of rabbits. I have sat at peace on the freight platforms of railroad junctions in the north, in the warm hours and with the warm smells. I know fresh lakes in the north, undisturbed except by fish and hawk and, of course, by the Telephone Company, which has to follow its nose. I know all these places well. They are a long way from here--don't forget that. And a person who is looking for something doesn't travel very fast.'" |
|
|
Main:
