Just another PHP LFI exploitation method
This article describes a method of taking advantage of a .php script Local File Inclusion vulnerability. It does not describe any vulnerability in the PHP engine itself, nor does it describe any new vulnerability class.
Summary:
- this method works like a charm on Windows (http://site/?page=C:\Windows\Temp\php<<)
- trick with << in FindFirstFile ftw!
- this method works in some very specific cases on Linux-based OS'es (and doesn't work in other cases)
- GetTempFileName in WinAPI is surprisingly weak
- but mkstemp from GNU lib C is surprisingly strong
Download: PDF
Volut-ID | World News Articles
All news of interest and can provide an info for you, and so can assist in the search for new news.
About news gadgets, mobile phones
info about the latest mobile phone, from news, features, and the most mobile phone models in search of the world.
No response to “PHP LFI to arbitratry code execution via rfc1867 file upload temporary files”
Leave a reply