By the way, if you did use file inclusion in order to abuse vulnerable php functions, would it have gained you any more access than if you just file included a shell?
On Tue, Sep 10, 2013 at 4:28 AM, Robin Wood <[email protected]> wrote: > > > > On 8 September 2013 19:47, Dancing Dan <[email protected]> wrote: > >> I haven't looked at PHP internals but, some languages create functions as >> extensions of other functions as a form of code reuse. This could lead to >> unexpected file inclusion. >> >> Does anybody know if PHP does that? >> > > Do you mean one function internally calls another, for example a string > compare ignoring case will call the generic string compare but pass in the > ignore case flag? > > I've no idea if PHP does this but would be interested to find out and if > it does to get a list of what calls what. > > Robin > > >> Bart >> On Sep 8, 2013 1:39 PM, "Robin Wood" <[email protected]> wrote: >> >>> >>> On 8 Sep 2013 19:01, "Jim Halfpenny" <[email protected]> wrote: >>> > >>> > In short no. Take a look at file inclusion vulnerabilities. >>> > >>> > http://en.m.wikipedia.org/wiki/File_inclusion_vulnerability >>> >>> If you are suggesting include in a file which uses a vulnerable function >>> then your answer is actually yes. >>> >>> Robin >>> >>> > Regards >>> > Jim >>> > >>> > On 8 Sep 2013 04:40, "Sean McCormick" <[email protected]> >>> wrote: >>> >> >>> >> If a website is running a version of php with vulnerable functions >>> does the function have to be used in a script in order to exploit the >>> vulnerability? >>> >> >>> >> >>> >> _______________________________________________ >>> >> Pauldotcom mailing list >>> >> [email protected] >>> >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >>> >> Main Web Site: http://pauldotcom.com >>> > >>> > >>> > _______________________________________________ >>> > Pauldotcom mailing list >>> > [email protected] >>> > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >>> > Main Web Site: http://pauldotcom.com >>> >>> _______________________________________________ >>> Pauldotcom mailing list >>> [email protected] >>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >>> Main Web Site: http://pauldotcom.com >>> >> >> _______________________________________________ >> Pauldotcom mailing list >> [email protected] >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> Main Web Site: http://pauldotcom.com >> > > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > -- _________________________________ Note to self: Pillage BEFORE burning.
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
