DeveloperSide.NET Forums
November 19, 2019, 11:09:27 PM *
Welcome, Guest. Please login or register.

Login with username, password and session length
News:
 
   Home   Help Search Login Register  
Pages: [1]
  Print  
Author Topic: c99shell exploit  (Read 16698 times)
0 Members and 1 Guest are viewing this topic.
night2dark2
Jr. Member
**
Posts: 98


Yeah Dont really ask.

mfaiotto@msn.com
View Profile WWW
« on: September 30, 2007, 03:19:15 AM »

People please be careful with File Upload scripts. If a hacker wants to hack your site they might view the directory of your site then Uploading the PHPScript. theirs a catch. With your File Upload script you might only accept certain file types. Eg TextFiles or image files. so they will use
Code:
%path%\%file%.php%00.EXT
and thats One of the exploits. and 2 JavaScript Injection. Careful if your Site has any cookies or saves them in the path. I read a small guide on how to do a website attack. I Learned a bunch. and Admin , That Base64 Code is Encrypted 20x. You wont get to the bottem of the Base64. if you want to see what the shell can do to your computer , PM me and ill send you the file you need. You might say what? this doesnt look like a valid file. WRONG! it is a valid file. Its a Base64 Encrypted file. Because of eval(gzinflate(base64_decode

so yeah. Just becareful with some scripts. I Did a test of my own on my site. I saw exploits that I never knew Existed on my site. Admin maybe start Providing Mod_Suhosin over mod_Security for the Suite install.
Logged

Revolution Gamers Host.
Master of all Gunz Server Hosting Needs.
Revolution Gamers International Gaming Commmunity
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.9 | SMF © 2006-2009, Simple Machines LLC Valid XHTML 1.0! Valid CSS!