Reply to Re: Qustion on viewing code

Your name:

Reply:


Posted by shimmyshack on 02/23/07 18:58

On 23 Feb, 18:38, "Steve" <no....@example.com> wrote:
> "Rik" <luiheidsgoe...@hotmail.com> wrote in message
>
> news:op.tn7q1znlqnv3q9@misant...| shimmyshack <matt.fa...@gmail.com> wrote:
> | Rik <luiheidsgoe...@hotmail.com> wrote:
>
> | >> Rik <luiheidsgoe...@hotmail.com> wrote:
> | >> > shimmyshack <matt.fa...@gmail.com> wrote:
> | >> >> This is the only statement in my httpd.conf:
> | >>
> | >> >> AddType application/x-httpd-php .php
> | >>
> | >> >> and yet the attack works.
> | >> >> The server doesnt have to be set up to parse every doc for php, that
> | >> >> was an assumption.
> | >> >> Has anyone here tried it on their server?
> | >>
> | >> > Attack does not work here on the local server....
> | >>
> | >> And the live server is also safe :-)
> | >
> | > out of interest what are you running, is php a module, ta.
> |
> | Homebox:
> | W2K, Apache 2.2.2, PHP 5.1.4 as a module.
> |
> | Live server:
> | FreeBSD 5.3, Apache 2.0.54, PHP 4.4.2 (yes, still, goddamnit) as a module.
>
> lol. it feels that way some times don't it. ;^)

steve with regards your previous offer, the phrase "i'm not worthy"
flashes into my shrivelled brain. Although of course it would be fun,
have you taken a look at the great CAL9000 stuff from RSnake (http://
www.owasp.org/index.php/Category:OWASP_CAL9000_Project)? While not
specifically aimed at server side pen testing, it is the vector by
which your code could be introduced.

[Back to original message]


Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация