View Single Post
  #8  
Old 03-26-2013, 8:45 AM
atto's Avatar
atto atto is offline
Member
 
Join Date: Dec 2009
Posts: 427
iTrader: 2 / 100%
Default

I'm pretty sure that they are using the base64 encoded file to enter code.

For example, a friend of mine had a notepad app on his website that let you write a subject and insert text. I named it foobar.php and inserted php with a "z" variable that would be decoded via base64. I then wrote php code, encoded it in base64, and added z=MYBASE64 to the end if his url.

Eg. Foobar.php?z=mybase64

That would allow me to run anything I wanted on his server, including a remote shell.

More to come later (on my phone)
Reply With Quote