On 6/20/07, Jochem Maas <[EMAIL PROTECTED]> wrote:
Daniel Brown wrote:
> On 6/20/07, Tijnema <[EMAIL PROTECTED]> wrote:
>> Hi all,
>>
>> Just received a mail from phpclasses, which pointed to this very
>> interesting article[1]. Seems good to know for starters ;)
>> The experts around here probably already know this way of exploits.
>>
>> Tijnema
>>
>> [1]
>>
http://www.phpclasses.org/blog/post/67-PHP-security-exploit-with-GIF-images.html
>>
>>
>> --
>> PHP General Mailing List (http://www.php.net/)
>> To unsubscribe, visit: http://www.php.net/unsub.php
>>
>>
>
> I've been doing stuff like that for legitimate reasons for about
> two years.... I thought everyone knew about it.
exactly what are those legitimate reasons for uploading and executing
php on other peoples server with authorization? :->
my defense lawyer might be interested ;-)
>
No, not the upload and execution, per se, but rather using images
to contain processable PHP code.
--
Daniel P. Brown
[office] (570-) 587-7080 Ext. 272
[mobile] (570-) 766-8107
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
