AW: AW: ANN: GLX2 3.05

stephen barncard stephenREVOLUTION2 at barncard.com
Thu Jun 14 20:58:47 CDT 2012


these guys would pack a string of URLEncoded PHP code with no white space
into a global, then decode and call it. It was usually placed at the bottom
of one's document.

sqb

On Thu, Jun 14, 2012 at 6:39 PM, Andre Garzia <andre at andregarzia.com> wrote:

> On Thu, Jun 14, 2012 at 10:20 PM, Mark Wieder <mwieder at ahsoftware.net
> >wrote:
>
> > ??? What possible good would changing the filetype be? Fortunately all
> > my .irev files are in cgi-bin lockers or otherwise inocuous, but I
> > can't imagine why someone would program a bot to change a non-php file
> > to a php type. Just in case it had executable php code? Weird.
> >
>
> If you change the filename to end in .php and enter a string like:
>
> <?php
>
> include "superhack.php"
>
> ?>
>
> in the beginning of the file or at the end, it will be guaranteed to run
> your hack. You can also make it download PHP code from a C&C URL, save it
> to a temp file and include it (include is PHP for execute), which is
> terribly dangerous.
>
>
> --
> http://www.andregarzia.com -- All We Do Is Code.
>

Stephen Barncard
San Francisco Ca. USA

more about sqb  <http://www.google.com/profiles/sbarncar>


More information about the use-livecode mailing list