Apache / PHP 5.x Remote Code Execution Exploit

/* Apache Magica by Kingcope */ /* gcc apache-magika.c -o apache-magika -lssl */ /* This is a code execution bug in the combination of Apache and PHP. On Debian and Ubuntu the vulnerability is present in the default install of the php5-cgi package. When the php5-cgi package is installed on Debian and Ubuntu or php-cgi is installed manually the php-cgi binary is accessible under /cgi-bin/php5 and /cgi-bin/php. The vulnerability makes

完美扫描PHP特殊一句话后门

<?php /********************** 作者 Spider 网上公布的各种PHP后门全军覆没 针对一些特殊变形的后门需要自己添加特征 误报率不到百分之一 **********************/ error_reporting(E_ERROR); ini_set('max_execution_time',20000); ini_set('memory_limit','512M'); header("content-Type: text/html; charset=gb2312"); $matches = array( '/function\_exists\s*\(\s*[\'|\"](popen|exec|proc\_open|system|passthru)+[\'|\"]\s*\)/i', '/(exec|shell\_exec|system|passthru)+\s*\(\s*\$\_(\w+)\[(.*)\]\s*\)/i', '/((udp|tcp)\:\/\/(.*)\;)+/i', '/preg\_replace\s*\((.*)\/e(.*)\,\s*\$\_(.*)\,(.*)\)/i', '/preg\_replace\s*\((.*)\(base64\_decode\(\$/i', '/(eval|assert|include|require|include\_once|require\_once)+\s*\(\s*(base64\_decode|str\_rot13|gz(\w+)|file\_(\w+)\_contents|(.*)php\:\/\/input)+/i', '/(eval|assert|include|require|include\_once|require\_once|array\_map|array\_walk)+\s*\(\s*\$\_(GET|POST|REQUEST|COOKIE|SERVER|SESSION)+\[(.*)\]\s*\)/i', '/eval\s*\(\s*\(\s*\$\$(\w+)/i', '/(include|require|include\_once|require\_once)+\s*\(\s*[\'|\"](\w+)\.(jpg|gif|ico|bmp|png|txt|zip|rar|htm|css|js)+[\'|\"]\s*\)/i', '/\$\_(\w+)(.*)(eval|assert|include|require|include\_once|require\_once)+\s*\(\s*\$(\w+)\s*\)/i', '/\(\s*\$\_FILES\[(.*)\]\[(.*)\]\s*\,\s*\$\_(GET|POST|REQUEST|FILES)+\[(.*)\]\[(.*)\]\s*\)/i',

LiveCart 1.4 Remote Code Execution

#Title : LiveCart 1.4 Remote Code Execution #Author : DevilScreaM #Date : 10/23/2013 #Category : Web Applications #Type : PHP #Vendor : http://livecart.com #Download : http://livecart.com/download #Greetz : 0day-id.com | newbie-security.or.id | Borneo Security | Indonesian Security Indonesian Hacker | Indonesian Exploiter | Indonesian Cyber #Thanks : ShadoWNamE | gruberr0r | Win32Conficker | Rec0ded | #Vulnerabillity : Remote Code Execution #Dork : intext:Powered by LiveCart & USE YOUR BRAIN Vuln : http://site-target/library/openFlashChart/ofc_upload_image.

麻省理工学院:开发出能自动组装“方块机器人”!

视频: M-Blocks Modular Robots youtube.com/watch?v=mOqjFa4RskA These proof-of-concept robots are the first step in a project that will hopefully lead to the development of modular robot blocks that are cable of generic lattice-based self-reconfiguration. This current generation of robots is limited to being able to "roll" in only one direction per cube. Future work will hopefully add the ability for a single robot to move in all three planes.

php4fun.sinaapp.com PHP挑战通关攻略

challenge 1 php code: #GOAL: get password from admin; error_reporting(0); require 'db.inc.php'; function clean($str){ if(get_magic_quotes_gpc()){ $str=stripslashes($str); } return htmlentities($str, ENT_QUOTES); } $username = @clean((string)$_GET['username']); $password = @clean((string)$_GET['password']); $query='SELECT * FROM users WHERE name=\''.$username.'\' AND pass=\''.$password.'\';'; $result=mysql_query($query); if(!$result || mysql_num_rows($result) < 1){ die('Invalid password!'); } $row = mysql_fetch_assoc($result); echo "Hello ".$row['name']."</br>"; echo "Your password is:".$row['pass']."</br>"; 攻略: 在单引号内的mys

Reverse Engineering a D-Link Backdoor

All right. It’s Saturday night, I have no date, a two-liter bottle of Shasta and my all-Rush mix-tape…let’s hack. On a whim I downloaded firmware v1.13 for the DIR-100 revA. Binwalk quickly found and extracted a SquashFS file system, and soon I had the firmware’s

站争(代号1937)引子

人类平均寿命为60年,有一半人用了30年睡觉,也就剩下30年,而在这30年中,16岁成年,也就意味着只有14年是真正的活着 这14年中从懵懂到

讨论下快捷支付存在的风险

讨论下快捷支付存在的风险 jeary (?????????????????????????) | 2013-10-12 09:51 由于没有网银,所以用的快捷支付,是挺方便的。可是当我仔细想想开通的流程,然后惊呆了,寝食难安了。 绑定条件 1