PHP


=======================================================================
PHP in Linux calls a binary (sendmail) when the mail() function is executed. If we have putenv() allowed, we can set the environment variable "LD_PRELOAD", so we can preload an arbitrary shared object. Our shared object will execute our custom payload (a binary or a bash script) without the PHP restrictions, so we can have a reverse shell, for example.
======================================================================

============================Exploit For Above Summary : 
Link : https://github.com/TarlogicSecurity/Chankro
>>> python2 chankro.py --arch 64 --input rev.sh --output chan.php --path /var/www/html
PreviousFLASK NextJ-BOSS
Last updated 3 years ago