[Snort-sigs] PHP Remote File Include via data: URI

Jamie Riden jamie.riden at ...2420...
Mon Oct 29 12:05:38 EDT 2012


Sorry to be a PITA; anyone got this? It'll fall off my mental "todo"
list in a day or so, and that'll be it :)

On 26 October 2012 07:59, Jamie Riden <jamie.riden at ...2420...> wrote:
> Hi all,
>
> Just to be a royal pain, PHP Remote File Include is perfectly viable
> using base64 encoded data: URIs. PoC below:
>
> # curl "http://127.0.0.1/vulnrfi.php?phone=data:text/plain;base64,PD9waHAgZWNobyAiV09PSE9PISIgPz4="
..
-- 
Jamie Riden / jamie at ...3509... / jamie.riden at ...2420...
http://uk.linkedin.com/in/jamieriden




More information about the Snort-sigs mailing list