[Full-Disclosure] flaw in php_exec_dir patch
VeNoMouS
venom at gen-x.co.nz
Sat Jun 26 02:34:44 BST 2004
Dude do you even know what php_exec_dir patch is, its a patch so you dont
have to turn safe mode on, which disables a bunch of shit that you need, so
the patch was a work around simply stop you executing programs.
heres a hint, learn about the product b4 you spam a mailing list, i see 5
posts from you asking the exact same question 2 hrs apart from each other
you think you could've googled in that time or perhaps fixed your mail
queue?
either or, stop being so fucking lazy.
----- Original Message -----
From: "npguy" <npguy at websurfer.com.np>
To: "VeNoMouS" <venom at gen-x.co.nz>; <full-disclosure at lists.netsys.com>
Sent: Friday, June 25, 2004 2:47 AM
Subject: Re: [Full-Disclosure] flaw in php_exec_dir patch
> is your safe mode on? .. whats ur platorm.
> give more details!
>
> On Wednesday 23 June 2004 07:05 am, VeNoMouS wrote:
>> Found a issue last night while testing php_exec_dir patch
>>
>> if you do the following
>>
>> $blah=`ps aux`;
>> echo nl2br($blah);
>>
>> php_exec_dir will block the call if you have set the exec_dir parm in php
>> or apache
>>
>> anyway.... if you do this
>>
>> $blah=`;ps aux`;
>> echo nl2br($blah);
>>
>> it bypasses the exec block and excutes the ps due to the ';', as bash
>> interrupts ';' as a new cmd, ive emailed the author but no response.
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
Full-Disclosure is hosted and sponsored by Secunia.