PHP $GLOBALS tricks

testing935
6 years ago | edited 6 years ago

0

I saw on internet It’s possible to upload a Backdoor with a PHP vuln :

https://www.exploit-db.com/exploits/26443/

But I cann’t test that on this code :

if (isset($GLOBALS [ ‘meta’ ] [ ‘adresse_neuf’ ]) and $GLOBALS[ ‘meta’ ] [ ‘adresse_neuf’ ]
and $GLOBALS[ ‘meta’ ][ ‘jours_neuf’ ]
and ($GLOBALS[ ‘meta’ ][ ‘quoi_de_neuf’ ] == ‘oui’)
) {
$taches_generales[ ‘mail’ ] = 3600 * 24 * $GLOBALS[ ‘meta’ ][ ‘jours_neuf’ ];
}

2replies
3voices
178views
dloser
6 years ago

1

That’s not what the exploit is about. You may want to read more carefully.

The code you posted makes little sense in this context. It only strongly suggests you found that code running somewhere, googled “GLOBALS exploit” and got to the mentioned link. (Which might warrant a reference to the Code of Conduct.)

Why not try walking before you try to run?

dimooz
6 years ago

1

@dloser, or the voice of wisdom.

You must be logged in to reply to this discussion. Login
1 of 3

This site only uses cookies that are essential for the functionality of this website. Cookies are not used for tracking or marketing purposes.

By using our site, you acknowledge that you have read and understand our Privacy Policy, and Terms of Service.

Dismiss