From http://www.ush.it/2009/02/08/php-filesystem-attack-vectors/
On Apr 07, 2008 I spoke with Kuza55 and Wisec about an attack I found some time before that was a new attack vector for filesystem functions (fopen, (include|require)[_once]?, file_(put|get)_contents, etc) for the PHP language. It was a path normalization issue and I asked them to keep it “secret” [4], this was a good idea cause my analisys was mostly incomplete and erroneous but the idea was good and the bug was real and disposable.
- Name PHP filesystem attack vectors
- Systems Affected PHP and PHP+Suhosin
- Vendor http://www.php.net/
- Advisory http://www.ush.it/team/ush/hack-phpfs/phpfs_mad.txt
- Authors Francesco ”ascii” Ongaro (ascii AT ush DOT it)
- Giovanni ”evilaliv3″ Pellerano (giovanni.pellerano AT
- evilaliv3 DOT org)
- Date 20090207I) Introduction
