0x0 Web - Server

samedi 10 novembre 2018, 16:02  #1
PHP eval
Jurgen
  • 1 posts

Heya,

I must be missing something... how many ways are there to run a PHP command whithout using a-zA-Z ? Or am I looking in the wrong direction ?

dimanche 11 novembre 2018, 12:45  #2
PHP eval
Th1b4ud
  • 363 posts

There is lots of way to bypass the filter. Search on google :)

lundi 7 janvier 2019, 14:12  #3
PHP eval
Doragon
  • 4 posts

Hi, i was read the .passwd file, and it have a string with [Ech0 : spoil], which looks like a flag

But when i submitted it => error, please check