Rascal_21
Posts : 196 Join date : 2010-09-30 Age : 33 Location : Al bantani
| Subject: phpMyAdmin 3 Remote Code Execution Exploit Sun Nov 20, 2011 3:11 am | |
| - Quote :
#!/usr/bin/env python # coding=utf-8 # pma3 – phpMyAdmin3 remote code execute exploit # Author: wofeiwo # Thx Superhei # Tested on: 3.1.1, 3.2.1, 3.4.3 # CVE: CVE-2011-2505, CVE-2011-2506 # Date: 2011-07-08 # Have fun, DO *NOT* USE IT TO DO BAD THING. ###################################################### # Requirements: # 1. “config” directory must created & writeable in pma directory. # 2. session.auto_start = 1 in php.ini configuration. ###############################################
| |
|