Some declarations first:
- This is blackhat.
- Do this at your own risk.
Here we go:
There’s an exploit for PHP versions 4.4.3 -> 4.4.6 lurking around in the phpinfo() files. Basically, it’s an XSS vulnerability in the phpinfo() function which gives unescaped output for all user-submitted arrays in GET, POST and Cookies (More info can be found here). You can find all of the affected sites by querying this in Google:
“PHP Version 4.4″ “phpinfo()”
If you find one of the URLs and add this on the end:
?f[]=%3Ca%20href%3Dhttp%3A//WWW.YOURWEBSITE.COM/%3EYOUR%20ANCHOR%20TEXT%3C/a%3E
Replacing the YOURWEBSITE.COM for your URL and entering YOUR ANCHOR TEXT (with %20 as spaces). Hit enter, then scroll down to “PHP Variables” and you’ll see you’ve injected two of your links on the page.
Post a Comment