[PHP][Hack] Vulnerability in codeplayground
This shell code can do many things while uploaded to any webserver and executed, but in codeplayground there are some security mechanism to stop it. However The program can be executed nestedly any times. [[http://i64.tinypic.com/69hxz9.jpg]] To see the source code change the last two lines into following //@eval(gzinflate(base64_decode($code))); $decoded = (gzinflate(base64_decode($code))); $myfile = fopen("newfile.txt", "w") or die("Unable to open file!"); fwrite($myfile, $decoded); fclose($myfile); echo "done"; @mycodes/evilScript https://code.sololearn.com/w9n14xoJuaEq/#php It is just for learning purpose.
5/15/2017 8:58:45 AMxCalifier
1 AnswerNew Answer