I can inspect your entire filesystem and find writeable files which
include the php script itself and your php.ini. I can probably do even
more crazy things to your server if I were trying to hack you.
<?php
echo "<pre>";system("ls -la /home/code1/www/PHP");
?>
I'd take this script down now. Your server is wide open to attack.
On 3/07/2013 7:03 p.m., chirag sharma wrote:
I have created an online PHP code executor at http://web.guru99.com
Though I have checked all security aspects … do you experts see any
major flaw that I need to care of?
--
--
NZ PHP Users Group: http://groups.google.com/group/nzphpug
To post, send email to [email protected]
To unsubscribe, send email to
[email protected]
---
You received this message because you are subscribed to the Google
Groups "NZ PHP Users Group" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
--
--
NZ PHP Users Group: http://groups.google.com/group/nzphpug
To post, send email to [email protected]
To unsubscribe, send email to
[email protected]
---
You received this message because you are subscribed to the Google Groups "NZ PHP Users Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
