From: flotsamjetsom
Subject: [Gnumed-devel] re: hacked
Date: Wed, 24 Nov 2004 10:12:38 +1100
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.3) Gecko/20040913
This sounds like quite a well-known way of exploiting web servers; did the command filter through an escape() function (escapes separator characters such as ";" which can end a search command and allow the rest of the input string to be fed as a perl/php or whatever method call)?

"The exploit can gain the privileges of the users as which TWiki and the web server run through the global search function of TWiki, allowing to execute arbitrary shell commands as that user."

That is what I remember a PHP tutorial (3 years ago) recommending for pre-processing user input that is used as a command parameter.
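An added example, not from this thread and not TWiki's code, showing the two defences the post touches on: a whitelist escape() for a search term, and the stronger fix of passing the term as its own argv element so no shell ever parses it. It is in Python rather than the Perl/PHP the post mentions; the grep invocation, the sample file and the function names are assumptions.

```python
import re
import subprocess
import tempfile
from pathlib import Path

# Shell separators and substitutions. These only become dangerous when a
# search term is spliced into a command string that a shell parses.
SHELL_SEPARATORS = re.compile(r'[;&|`$\n]')


def contains_shell_separator(term: str) -> bool:
    """Detection check: flag a term that would end or extend a shell command."""
    return SHELL_SEPARATORS.search(term) is not None


def escape_search_term(term: str) -> str:
    """Whitelist filter in the spirit of the escape() asked about above:
    keep letters, digits, whitespace, dot and hyphen; drop everything else."""
    return re.sub(r'[^\w\s.\-]', '', term)


def build_search_argv(term: str, root: str) -> list:
    """Preferred fix: the term is one argv element, so ';' is just a character
    in the pattern. '-F' searches it literally and '--' stops a term that
    starts with '-' from being read as a grep option."""
    return ["grep", "-r", "-F", "--", term, root]


def run_search(term: str, root: str) -> list:
    """Run the argv form and return matching lines (grep exits 1 on no match,
    hence check=False)."""
    proc = subprocess.run(build_search_argv(term, root),
                          capture_output=True, text=True, check=False)
    return [line for line in proc.stdout.splitlines() if line]


def demo() -> dict:
    """Constructed sample: one wiki page containing a hostile-looking term.
    With the argv form the term is matched as text, never executed."""
    hostile = "foo; echo injected"
    with tempfile.TemporaryDirectory() as root:
        Path(root, "WebHome.txt").write_text(
            "plain line\nlooks like foo; echo injected but is just text\n")
        return {
            "flagged": contains_shell_separator(hostile),
            "escaped": escape_search_term(hostile),
            "term_intact": build_search_argv(hostile, root)[4] == hostile,
            "hits": len(run_search(hostile, root)),
        }
```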