VaKo Posted December 23, 2007 Posted December 23, 2007 I'm testing some new security stuff, if you get a weird error (503 usually), please pastebin your post and link to it here. I need to figure out what false positives it may throw up and remove them from the list. Quote
GonZor Posted December 23, 2007 Posted December 23, 2007 "f open" (without the space) triggers this error. Method Not Implemented POST to /index.php not supported Quote
VaKo Posted December 23, 2007 Author Posted December 23, 2007 I've disabled that in php.ini so i'll just change that to log. Quote
VaKo Posted December 23, 2007 Author Posted December 23, 2007 In what context where you discussing the use of "f open"? Quote
GonZor Posted December 24, 2007 Posted December 24, 2007 In what context where you discussing the use of "f open"? I did a search for this thread http://forums.hak5.org/index.php/topic,7897.0.html (and any others about about "f open") Quote
VaKo Posted December 24, 2007 Author Posted December 24, 2007 fopen? Disabled some of the more restrictive things. Quote
K1u Posted December 24, 2007 Posted December 24, 2007 fopen? Disabled some of the more restrictive things. I would restrict the following: show_source, system, shell_exec, passthru, exec, phpinfo, popen, proc_open, escapeshellcmd, escapeshellarg, dl, mysql_error, curl_exec, curl_multi_exec, parse_ini_file, proc_terminate, proc_nice, proc_get_status, proc_close Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.