/* Php Endangers - Remote Code Execution Arham Muhammad rko.thelegendkiller@gmail.com */ ============================ An Article By Arham Muhammad Hacking-Truths.Net ============================ x41 - Intro x42 - Basics Of Remote Code Execution And How It Develops x43 - Exactly How An Attacker Get Advantage Over This Vulnerability And Misuse It! x44 - Prevention And Filtration x45 - Conclusion ======================================================== x41 - Intro +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ The B@sIc:: InTr0: Remote Code Execution Is Yet Another Common Vulnerability existing is wide range of web apps in the current era.It allows a remote attacker to execute arbitrary code in the sytem with administrator privelages without the attention of the owner of the targetted site.It's just not a-hole-to-avoid, but an extremely risky vulnerability,which can endanger your site to different attacks, malicious deletion of data,even worst Defacing! +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ x42 - Basics Of Remote Code Execution And How It Develops ============================================================ Basic Remote Code Executions: Now I will highlight some basics remote code executions being planted that exist still in this era of web app development. We will now examine a comment form getting comments from a user("submit.php") and posting it at "comments.php" We Are analyzing submit.php with simple post method that submits the gathered user input and forward the request to comments.php. /* submit.php::