:: Intro ::
Prerequisites: PHP Coding
Impact: High
Popularity: Medium
Protect: Input Validate, Something like Magic_quote <_<
[hide=15]RCE, It's possible to execute (malicious) PHP Code on a website. Hackers able to read sensitive files, spawn shells, delete files, defacing ,blah blah blah... (Up to you)
:: Commonly PHP function for RCE ::
fwrite()
eval()
:: fwrite() ::
[code]$file = 'file.php';
<div align="center"><span style="font-family:Tahoma"><span style="color:#3333FF"><div align="center">-= CWH Underground Vulnerabilities Disclosure =-</div></span></span>
Be Safe,
/0x5A655133754C
Send All Submission to lucifer[at]citec.us
----------------------------------------------------------------------------------------
<span style="color:gray">`Hacking isn't about helping the security industry, Which leeches from Hacker`
Actions : (View-Readers)
There are no names to display.
Posting Permissions
Reply With Quote