Possible to run arbitrary PHP code on pipermail server

Erich Hoover ehoover at mines.edu
Fri Feb 20 17:27:23 CST 2009


On Fri, Feb 20, 2009 at 4:21 PM, Remco <remco47 at gmail.com> wrote:

> I read the following e-mail on pipermail:
> http://www.winehq.org/pipermail/wine-devel/2009-February/073428.html
>
> Try downloading the PHP attachment from there; it will actually
> execute and give you an HTML page. This could easily be abused!
>
> Remco
>

Wow, that is really awesome and really scary at the same time.  Attached is
the same deal with a text extension, for your viewing pleasure.

Erich Hoover
ehoover at mines.edu
-------------- next part --------------
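<?php

// Report the visitor's OS, distribution and browser based on the User-Agent header.
// The header may be absent, so fall back to an empty string.
$agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';

$OS = Array("Windows", "Linux", "Mac");
$Distro = Array("Ubuntu");
$Browser = Array("Firefox", "MSIE", "Safari");

$os_data = match_strings($agent, $OS);
$distro_data = match_strings($agent, $Distro);
$browser_data = match_strings($agent, $Browser);

// Only the fixed strings from the arrays above are printed, never the raw header.
print "You are using $browser_data on $os_data ($distro_data).";

// Return the last entry of $matches that occurs in $haystack, or "Unknown" if none does.
function match_strings($haystack, $matches) {
	$result = "Unknown";
	foreach($matches as $needle) {
		if(strpos($haystack, $needle) !== false) {
			$result = $needle;
		}
	}
	return $result;
}
?>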
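
The thread reports that an attachment stored by the archive with a PHP extension is executed when it is downloaded. The following is an added example, not part of the original messages and not Mailman/pipermail code: a sketch of how an archiver could choose on-disk attachment names from an allowlist and audit names already stored. The function names, both extension lists and the sample names are assumptions constructed for illustration.

```python
import os

# Assumption: extensions a web server might have bound to a script handler.
SCRIPT_EXTENSIONS = {"php", "php3", "php4", "php5", "phtml",
                     "cgi", "pl", "py", "shtml", "asp", "jsp"}
# Assumption: extensions the archive is willing to keep on disk unchanged.
SAFE_EXTENSIONS = {"txt", "png", "jpg", "gif", "pdf", "diff", "patch"}
NEUTRAL_EXTENSION = "bin"  # stored under this when the extension is not allowlisted


def name_components(filename):
    """Lower-cased dot-separated parts after the stem, with any path stripped."""
    base = os.path.basename(filename.replace("\\", "/")).lower()
    return base.split(".")[1:]


def is_risky(filename):
    """True if any extension in the name is a script extension.

    Every component is checked, not only the last one, because some server
    configurations select a handler from any extension in the name.
    """
    return any(part in SCRIPT_EXTENSIONS for part in name_components(filename))


def safe_attachment_name(original_name, index):
    """On-disk name for attachment `index`: generated stem, allowlisted extension."""
    parts = name_components(original_name)
    ext = parts[-1] if parts and parts[-1] in SAFE_EXTENSIONS else NEUTRAL_EXTENSION
    return "attachment-%04d.%s" % (index, ext)


def audit(stored_names):
    """Names already in the archive that should be renamed or served as plain data."""
    return sorted(name for name in stored_names if is_risky(name))


# Constructed sample of stored attachment names (not taken from the real archive).
SAMPLE = ["attachment.php", "attachment.txt", "attachment.php.txt",
          "patch-0001.diff", "attachment.PHTML"]

if __name__ == "__main__":
    for name in audit(SAMPLE):
        print("risky:", name)
    for i, name in enumerate(SAMPLE, 1):
        print(name, "->", safe_attachment_name(name, i))
```

Renaming on disk complements, and does not replace, turning off script handlers for the attachment directory in the web server configuration.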

