While searching around the web for new nifty tricks I stumbled across this post about how to get remote code exeution exploiting PHP’s mail() function.
First, I must say that this is only going to happen under some really rare circustances. Never the less, it’s really something to think about and keep an eye out for. I will explain an example scenario which I think could be a real life scenario later in this article.
So, when that’s said, let’s have a look at what this is all about.
more here..........http://securitysucks.info/exploit-phps-mail-to-get-remote-code-execution/
First, I must say that this is only going to happen under some really rare circustances. Never the less, it’s really something to think about and keep an eye out for. I will explain an example scenario which I think could be a real life scenario later in this article.
So, when that’s said, let’s have a look at what this is all about.
more here..........http://securitysucks.info/exploit-phps-mail-to-get-remote-code-execution/