by tjallingt 3619 days ago
I have some questions about two things in the exploit code that puzzled me:

  my $php_code = 'eval(\'
     header("X-Accel-Buffering: no");
     header("Content-Encoding: none");
     header("Connection: close");
     error_reporting(0);
     echo file_get_contents("/etc/passwd");
     ob_end_flush();
     ob_flush();
     flush();
  \');';

1. They seem to be using PHP to code the exploit (solely based on the $ before the variable name), but I've never seen the 'my' keyword before, what exactly is this language?

2. If I understand the exploit correctly, they got remote code execution by finding the pointer to 'zend_eval_string' and then feeding the above code into it. Doesn't that mean the use of 'eval' in the code that is being executed is unnecessary?

2 comments

> I've never seen the 'my' keyword before, what exactly is this language?

It's Perl: http://perldoc.perl.org/functions/my.html

Looks like Perl, seeing the `my`.