Yes is possible. Certain bugs in php are come to notice lately which they are probably suing to demonstrate this.
On 31 Aug 2002 13:12:25 -0000 "Pankaj Mishra" <[EMAIL PROTECTED]> wrote: > > > Hi folks, > Today I witnessed a demo by Microsoft gang of hacking Linux (RH > 7.3) > Thru browser on a windows client , a php file was sent to Linux > thru browser and then executed. After that a page appeared thru > which command can be executed on Linux. They copied the whole > /etc/shadow and tried to break the root password and demonstrated > breaking of root password within a minute. > I asked them how they are doing it and under what account Apache > was running. But they gave evasive replies. IS THIS POSSIBLE !! I > want to again get back to them and seek their response. BUT PLEASE > TELL ME FIRST IS THIS POSSIBLE ? I want to do my homework first > and then confront them. > IS IT POSSIBLE TO WRITE A FILE ON LINUX BY GIVING SIMPLE PHP > COMMANDS THRU URL? > IS IT POSSIBLE TO EXECUTE THAT PHP SCRIPT AND GET ACCESSS TO > /etc/shadow. > > Please reply fast. > Punkuz > > > ------------------------------------------------------- > This sf.net email is sponsored by: OSDN - Tired of that same old > cell phone? Get a new here for FREE! > https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390 > _______________________________________________ > linux-india-help mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/linux-india-help ------------------------------------------------------- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390 _______________________________________________ linux-india-help mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/linux-india-help
