VaKo Posted December 23, 2007 Share Posted December 23, 2007 I'm testing some new security stuff, if you get a weird error (503 usually), please pastebin your post and link to it here. I need to figure out what false positives it may throw up and remove them from the list. Quote Link to comment Share on other sites More sharing options...
GonZor Posted December 23, 2007 Share Posted December 23, 2007 "f open" (without the space) triggers this error. Method Not Implemented POST to /index.php not supported Quote Link to comment Share on other sites More sharing options...
VaKo Posted December 23, 2007 Author Share Posted December 23, 2007 I've disabled that in php.ini so i'll just change that to log. Quote Link to comment Share on other sites More sharing options...
VaKo Posted December 23, 2007 Author Share Posted December 23, 2007 In what context where you discussing the use of "f open"? Quote Link to comment Share on other sites More sharing options...
GonZor Posted December 24, 2007 Share Posted December 24, 2007 In what context where you discussing the use of "f open"? I did a search for this thread http://forums.hak5.org/index.php/topic,7897.0.html (and any others about about "f open") Quote Link to comment Share on other sites More sharing options...
VaKo Posted December 24, 2007 Author Share Posted December 24, 2007 fopen? Disabled some of the more restrictive things. Quote Link to comment Share on other sites More sharing options...
K1u Posted December 24, 2007 Share Posted December 24, 2007 fopen? Disabled some of the more restrictive things. I would restrict the following: show_source, system, shell_exec, passthru, exec, phpinfo, popen, proc_open, escapeshellcmd, escapeshellarg, dl, mysql_error, curl_exec, curl_multi_exec, parse_ini_file, proc_terminate, proc_nice, proc_get_status, proc_close Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.