At 9:27 PM +0200 6/20/07, Tijnema wrote:
On 6/20/07, tedd [EMAIL PROTECTED] wrote:
If you are worried about evil code being in the image, you could
always resample the image (larger or smaller). Not that I have
personal experience, but I would think that any piece of code that is
resampled is
On 6/20/07, Tijnema [EMAIL PROTECTED] wrote:
Hi all,
Just received a mail from phpclasses, which pointed to this very
interesting article[1]. Seems good to know for starters ;)
The experts around here probably already know this way of exploits.
Tijnema
[1]
Daniel Brown wrote:
On 6/20/07, Tijnema [EMAIL PROTECTED] wrote:
Hi all,
Just received a mail from phpclasses, which pointed to this very
interesting article[1]. Seems good to know for starters ;)
The experts around here probably already know this way of exploits.
Tijnema
[1]
On 6/20/07, Jochem Maas [EMAIL PROTECTED] wrote:
Daniel Brown wrote:
On 6/20/07, Tijnema [EMAIL PROTECTED] wrote:
Hi all,
Just received a mail from phpclasses, which pointed to this very
interesting article[1]. Seems good to know for starters ;)
The experts around here probably already
Thanks for the link.
I got worried for a second that my code could be exploited so I did a
quick check to make sure that mime-types were correct. (I check the
mime type to make sure it's an image, not the file extension.) I
renamed a .jpg file .jpg.php and uploaded it and got application/x-php
At 12:53 PM -0400 6/20/07, Daniel Brown wrote:
No, not the upload and execution, per se, but rather using images
to contain processable PHP code.
--
Daniel P. Brown
Daniel:
Wow! Now that's something I would like to see -- you do have a demo?
As far as legitimate reasons, how about
On 6/20/07, tedd [EMAIL PROTECTED] wrote:
At 12:53 PM -0400 6/20/07, Daniel Brown wrote:
No, not the upload and execution, per se, but rather using images
to contain processable PHP code.
--
Daniel P. Brown
Daniel:
Wow! Now that's something I would like to see -- you do have a demo?
As
At 2:32 PM -0400 6/20/07, Guillaume Theoret wrote:
Thanks for the link.
I got worried for a second that my code could be exploited so I did a
quick check to make sure that mime-types were correct. (I check the
mime type to make sure it's an image, not the file extension.) I
renamed a .jpg file
On 6/20/07, tedd [EMAIL PROTECTED] wrote:
At 2:32 PM -0400 6/20/07, Guillaume Theoret wrote:
Thanks for the link.
I got worried for a second that my code could be exploited so I did a
quick check to make sure that mime-types were correct. (I check the
mime type to make sure it's an image, not
On Wed, 2007-06-20 at 15:12 -0400, Daniel Brown wrote:
On 6/20/07, tedd [EMAIL PROTECTED] wrote:
At 12:53 PM -0400 6/20/07, Daniel Brown wrote:
No, not the upload and execution, per se, but rather using images
to contain processable PHP code.
--
Daniel P. Brown
Daniel:
10 matches
Mail list logo