Results 1 to 9 of 9

Thread: PHP exploit

  1. #1
    Senior Member skull2006's Avatar
    Join Date
    Jan 2010
    Location
    In my skull
    Posts
    125

    Question PHP exploit

    Hi guys,

    i have mail server IceWarp Server and everything is okay.
    but i find one exploit for that software IceWarp Icewarp Merak Mail Server 9.4.1 Base64FileEncode() BOF PoC
    i downloaded and i note it's PHP file so,
    how i can use that file?
    could some one PLZ help me.

    Best Regards,
    Last edited by skull2006; 07-18-2010 at 12:01 AM.

  2. #2
    Just burned his ISO ravbyte's Avatar
    Join Date
    Jul 2010
    Location
    Guatemala
    Posts
    20

    Default Re: PHP exploit

    Quote Originally Posted by skull2006 View Post
    Hi guys,

    i have mail server IceWarp Server and everything is okay.
    but i find one exploit for that software IceWarp Icewarp Merak Mail Server 9.4.1 Base64FileEncode() BOF PoC
    i downloaded and i note it's PHP file so,

    could some one PLZ help me.

    Best Regards,
    ok men, but i don't understand what you want help for? Patching you server? Excute the xploit? Or what? The major amount of xploits 're have a readme or comments with the instructions of how to use and i'm so sure that you can found a big documentation on google about any xploit, regards.

  3. #3
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default Re: PHP exploit

    Run it using the php interpreter.
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  4. #4
    Senior Member skull2006's Avatar
    Join Date
    Jan 2010
    Location
    In my skull
    Posts
    125

    Default

    Quote Originally Posted by ravbyte View Post
    ok men, but i don't understand what you want help for? Patching you server? Excute the xploit? Or what? The major amount of xploits 're have a readme or comments with the instructions of how to use and i'm so sure that you can found a big documentation on google about any xploit, regards.
    Thank you for your feedback.

    yes man, i want Excute the xploit.

    Quote Originally Posted by lupin View Post
    Run it using the php interpreter.
    thank you man i will check it out,,,,,,,,,,,,,,,,,but i'm ???Stuck???
    Last edited by skull2006; 07-18-2010 at 11:53 AM. Reason: Merging...use multi quote feature OP

  5. #5
    Just burned his ISO ravbyte's Avatar
    Join Date
    Jul 2010
    Location
    Guatemala
    Posts
    20

    Default Re: PHP exploit

    Quote Originally Posted by skull2006 View Post
    Thank you for your feedback.

    yes man, i want Excute the xploit.



    thank you man i will check it out,,,,,,,,,,,,,,,,,but i'm ???Stuck???
    Ok, do what lupin say's for execute a php script, you have to use a interpreter, remember that php it's execute on the server side not in the client's so intall php on the side where you want to execute the script, for example on windows exist wamp, it's a combination of apache, mysql and php on one setup, regards.

  6. #6
    Moderator KMDave's Avatar
    Join Date
    Jan 2010
    Posts
    2,281

    Default Re: PHP exploit

    Well if you don't know how to even run a php script you shouldn't play around with any PoCs. You won't know what they do exactly and instead of exploiting something you might end up backdooring your own system.

    Google is your friend, and you are lacking the very basics. In order to improve you should dig into the very basics, learn a programming language if you don't know one. Stick to it, learn how programming works and then and only then you might consider looking at a second programming language.
    Tiocfaidh ár lá

  7. #7
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default Re: PHP exploit

    Quote Originally Posted by skull2006 View Post
    thank you man i will check it out,,,,,,,,,,,,,,,,,but i'm ???Stuck???
    Try the following:
    Code:
    man php
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  8. #8
    Senior Member skull2006's Avatar
    Join Date
    Jan 2010
    Location
    In my skull
    Posts
    125

    Lightbulb Re: PHP exploit

    Quote Originally Posted by lupin View Post
    Try the following:
    Code:
    man php

    You are the BEST ,,
    i forgot the simple command thank you man.
    Last edited by skull2006; 07-19-2010 at 01:05 PM.

  9. #9
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default Re: PHP exploit

    When all else fails RTFM.
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

Similar Threads

  1. Replies: 1
    Last Post: 06-25-2010, 02:49 AM
  2. Replies: 0
    Last Post: 03-24-2010, 10:01 PM
  3. MSF : My first exploit
    By aemaeth in forum Beginners Forum
    Replies: 5
    Last Post: 03-16-2010, 05:51 PM
  4. How do I go about using this exploit?
    By ESC201 in forum OLD Newbie Area
    Replies: 33
    Last Post: 12-03-2007, 06:01 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •