> https://www.xxx.co.uk/register.php";| grep "123"
I wonder what kind of browser could make this, probably a hacker-made one!
This URL will have to be translated into its equivalent URI, if using
GET the HTTP message's start line would look like:
GET /register.php"| grep "123" HTTP/1.1
First of
Is there more to the register.php file that we're not seeing? It has to have
some sort of action...
On Thu, Jun 4, 2009 at 3:28 PM, Stuart wrote:
> 2009/6/4 Morris :
> > Hi
> >
> > The register.php has only a form
> >
> > >
> >
> >
> >
> > ?>
> >
> > Does this help ?
>
> 1) That is not vali
2009/6/4 Morris :
> Hi
>
> The register.php has only a form
>
>
>
>
>
> ?>
>
> Does this help ?
1) That is not valid PHP code.
2) Even if it were there's nothing in there that would be exploitable
through the URL you sent in your first email.
-Stuart
--
http://stut.net/
> 2009/6/4 Stuart
Hi
The register.php has only a form
?>
Does this help ?
Thanks for reply
2009/6/4 Stuart
> 2009/6/4 Morris :
> > Hi
> >
> > Can anyone help me handel this URL injection ?
> >
> > https://www.xxx.co.uk/register.php";| grep "123"
> >
> > I want to detect it and header back to my index pag
2009/6/4 Morris :
> Hi
>
> Can anyone help me handel this URL injection ?
>
> https://www.xxx.co.uk/register.php";| grep "123"
>
> I want to detect it and header back to my index page.
>
> It's quite urgent
What the smeg is register.php doing that makes it execute that?? Show
us the code.
-Stuart
Hi
Can anyone help me handel this URL injection ?
https://www.xxx.co.uk/register.php";| grep "123"
I want to detect it and header back to my index page.
It's quite urgent
Thanks for help
M.
6 matches
Mail list logo
