Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Security Musings:
PHP: Please Hack Pal.
Jul 16, 2010 @ 11:44:47

On the Security Musings blog today there's a new post from Anurag that walks you through the process, step-by-step, of how he exploited an image gallery written in PHP (including the tools he used).

I always read, PHP applications are a security guy’s nightmare. Always thought why, Coming from a world of packets and frames code made lesser sense. Until I stumbled upon this application. The application was an Image gallery, with a lot of nice cool pics and an option to share and upload pics. This was a PHP application. Oh, it was fun! I thought of playing with it. As soon as I checked the Image upload option, the security freak in me took over.

Using tools like BURP, Extplorer and Fgdump he was able to find a hole that let him upload whatever he wanted including full access to the machine and the Windows admin password.

tagged: hack windows server process tools