+ 6

[PHP][Hack] Vulnerability in codeplayground

This shell code can do many things while uploaded to any webserver and executed, but in codeplayground there are some security mechanism to stop it. However The program can be executed nestedly any times. [[http://i64.tinypic.com/69hxz9.jpg]] To see the source code change the last two lines into following //@eval(gzinflate(base64_decode($code))); $decoded = (gzinflate(base64_decode($code))); $myfile = fopen("newfile.txt", "w") or die("Unable to open file!"); fwrite($myfile, $decoded); fclose($myfile); echo "done"; @mycodes/evilScript https://code.sololearn.com/w9n14xoJuaEq/#php It is just for learning purpose.

15th May 2017, 8:58 AM
xCalifier
xCalifier - avatar
1 Answer