PaulDotCom mailing list archives
Re: Exploiting vulnerable php functions
From: Dancing Dan <d4ncingd4n () gmail com>
Date: Sun, 8 Sep 2013 13:47:27 -0500
I haven't looked at PHP internals but, some languages create functions as extensions of other functions as a form of code reuse. This could lead to unexpected file inclusion. Does anybody know if PHP does that? Bart On Sep 8, 2013 1:39 PM, "Robin Wood" <robin () digininja org> wrote:
On 8 Sep 2013 19:01, "Jim Halfpenny" <jim.halfpenny () gmail com> wrote:In short no. Take a look at file inclusion vulnerabilities. http://en.m.wikipedia.org/wiki/File_inclusion_vulnerabilityIf you are suggesting include in a file which uses a vulnerable function then your answer is actually yes. RobinRegards Jim On 8 Sep 2013 04:40, "Sean McCormick" <sean.m.mccormick () gmail com>wrote:If a website is running a version of php with vulnerable functions doesthe function have to be used in a script in order to exploit the vulnerability?_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- Exploiting vulnerable php functions Sean McCormick (Sep 07)
- Re: Exploiting vulnerable php functions allison nixon (Sep 08)
- Re: Exploiting vulnerable php functions Jim Halfpenny (Sep 08)
- Re: Exploiting vulnerable php functions Robin Wood (Sep 08)
- Re: Exploiting vulnerable php functions Dancing Dan (Sep 09)
- Re: Exploiting vulnerable php functions Robin Wood (Sep 10)
- Re: Exploiting vulnerable php functions allison nixon (Sep 10)
- Re: Exploiting vulnerable php functions Ryan Sears (Sep 11)
- Re: Exploiting vulnerable php functions Robin Wood (Sep 11)
- Re: Exploiting vulnerable php functions Sean McCormick (Sep 12)
- Re: Exploiting vulnerable php functions Robin Wood (Sep 13)
- Re: Exploiting vulnerable php functions Robin Wood (Sep 08)
- Re: Exploiting vulnerable php functions Dancing Dan (Sep 11)
- Re: Exploiting vulnerable php functions Danny Chrastil (Sep 09)
- Re: Exploiting vulnerable php functions Jim Halfpenny (Sep 09)