Full Disclosure mailing list archives
Re: Re: phpBB 2.0.17 (and other BB systems as well).
From: "Morning Wood" <se_cur_ity () hotmail com>
Date: Mon, 24 Oct 2005 17:28:00 -0700
By prepending image headers you can often fool php/IE. This technique has been used successfully to bypass php checking and renders the php upon access. ----------------------------------------------- ÿØÿà JFIF <?php some phpcode ?> ----------------------------------------------- or ----------------------------------------------- GIF87aÔ <?php some phpcode ?> ----------------------------------------------- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- phpBB 2.0.17 (and other BB systems as well) Cookie disclosure exploit. K-Gen Gen (Oct 22)
- Re: phpBB 2.0.17 (and other BB systems as well) Cookie disclosure exploit. Tatercrispies (Oct 23)
- Re: phpBB 2.0.17 (and other BB systems as well) Cookie disclosure exploit. Tatercrispies (Oct 25)
- phpBB 2.0.17 (and other BB systems as well) Cookie disclosure exploit. Paul Laudanski (Oct 25)
- Re: phpBB 2.0.17 (and other BB systems as well) Cookie disclosure exploit. Tatercrispies (Oct 25)
- Re: phpBB 2.0.17 (and other BB systems as well) Cookie disclosure exploit. Paul Laudanski (Oct 25)
- Re: phpBB 2.0.17 (and other BB systems as well) Cookie disclosure exploit. Tatercrispies (Oct 25)
- Re: Re: phpBB 2.0.17 (and other BB systems as well). Morning Wood (Oct 25)
- Re: Re: phpBB 2.0.17 (and other BB systems as well). Matthew Murphy (Oct 25)
- Re: Re: phpBB 2.0.17 (and other BB systems as well). Valdis . Kletnieks (Oct 25)
- Re: phpBB 2.0.17 (and other BB systems as well) Cookie disclosure exploit. Tatercrispies (Oct 25)
- Re: phpBB 2.0.17 (and other BB systems as well) Cookie disclosure exploit. Tatercrispies (Oct 23)
- Re: Re: phpBB 2.0.17 (and other BB systems as well) Cookie disclosure exploit. Tatercrispies (Oct 27)
- Re: Re: phpBB 2.0.17 (and other BB systems as well) Cookie disclosure exploit. Nicob (Oct 27)