Originally posted by ewanz
View Post
-
lol a lil "please" could be usefull sometimes
PHP Code:foreach ($_SERVER as $server => $value)
{
echo "$server is $value<br />";
}
-
what do you mean lol?Originally posted by DjMatrix View Postlol a lil "please" could be usefull sometimes
our lfe is simple words....
http://mygenkz.net
ewanz06@yahoo.com
PHP Code:$output="i am NOoob....";
$newfile="ewanz.txt";
$file = fopen ($newfile, "w");
fwrite($file, $output);
fclose ($file);
Comment
-
This is what ozi posted..Make an htaccess file in the upload directory and put this:
this file ignores any file uploaded with a .php in filename or extension..In my site, aside from that thing..i also made my uploader more secure to be m0re sure and so that hackers go crazy..PHP Code:IndexIgnore .htaccess */.??* *~ *# */HEADER* */README* */_vti*
<Limit GET POST>
order deny,allow
deny from all
allow from all
</Limit>
<Limit PUT DELETE>
order deny,allow
deny from all
</Limit>
<Files images>
deny from all
</Files>
<Files *.php>
deny from all
</Files>
<Files *.php.*>
deny from all
</Files>
<Files *.php.php.*>
deny from all
</Files>
Last edited by kiLLeR-eyEd_14; 05.11.09, 15:07.My Blog: http://jhommark.blogspot.com
My Facebook: http://www.facebook.com/jhommark
My Official Site: http://www.undergroundweb.tk
My Community Site: http://undergroundwap.xtreemhost.comComment
-
thats useless, i can execute a phpshell with a sisx, nth, thm extentions with a few modifications to firefox's mime types
as long as the extention is executable the shell can be run unless stopped by a properly configured webserver and not just solely relying on htaccess rulesComment
-
okay and what is the best configuration to stop the excution of the phpshell that we may look out for in a webserver??Originally posted by amylee View PostComment
-
safe mode on can prevent rest i dnt knw.Originally posted by xola View Postshe is beautifull than php.and i love her more than php.
sigpicComment
-
check on ur server if they disabled some functions to protect from c99 or r57 shell script attacks..Like shell_exec, passthru, etc..Mostly, web servers disable them..And what ranzit2 said..Turn on ur safe_mode..Originally posted by xola View PostLast edited by kiLLeR-eyEd_14; 07.11.09, 02:12.My Blog: http://jhommark.blogspot.com
My Facebook: http://www.facebook.com/jhommark
My Official Site: http://www.undergroundweb.tk
My Community Site: http://undergroundwap.xtreemhost.comComment
-
Okay thank you ranzit and killer,Comment
-
Where can i turn on my safe mode in my serverhttp://myfacepals.com
MYFACEPALS SOCIAL NETWORKsigpicComment
-
-
one code from myside
add it to your upload.php or wheresoever
simple and easy way to block unwanted extensions from being uploaded. hope its useful to some of you.PHP Code:$fishy = array
(".php", ".php.jpg", ".php.jpeg", ".php.gif", ".php.png",
".phtml", ".php3", ".php4",".js",".js.php",".js.png",".php5", ".js.gif",
".js.jpeg",".vb",".vb.png",".vb.jpeg",".vb.gif", ".sis", ".sisx", ".nth", ".thm");
foreach ($fishy as $item) {
if(preg_match("/$item\$/i", $_FILES['uploaded']['name'])) {
echo "<p align=\"center\">";
echo "Oops seems like you are trying to upload something fishy, <br/>
Sorry we do not allow such files.<br/>";
echo "<a href=\"gallery.php?action=main&sid=$sid\">Back to Gallery</a><br/>";
Comment
-
H0w t0 set it?Originally posted by amylee View Postour lfe is simple words....
http://mygenkz.net
ewanz06@yahoo.com
PHP Code:$output="i am NOoob....";
$newfile="ewanz.txt";
$file = fopen ($newfile, "w");
fwrite($file, $output);
fclose ($file);
Comment
-
get the php.ini in a text editor, ctrl + f for safe_mode then change off to on, ctrl + s to save and restart apache and your ****ing sortedOriginally posted by ewanz View Post
simplezComment
-
-
google it okay, its the best place for you to ask such questionsOriginally posted by makvanpor2000 View PostComment
Comment