Login   Register  
PHP Classes
elePHPant
Icontem

File: samples/malicious.php

Recommend this page to a friend!
Stumble It! Stumble It! Bookmark in del.icio.us Bookmark in del.icio.us
  Classes of Paul Fryer  >  PHP Sandbox  >  samples/malicious.php  >  Download  
File: samples/malicious.php
Role: Auxiliary data
Content type: text/plain
Description: A sample malicious PHP file
Class: PHP Sandbox
Execute external PHP scripts in a separate process
Author: By
Last change: Updated attacks
Date: 2011-08-01 05:27
Size: 1,172 bytes
 

Contents

Class file image Download 
<?php  

session_start();

echo '<pre><br/>ENV details: '; var_dump($_ENV); 

echo '<br/>Session data<br/>'; var_dump($_SESSION);
echo(session_id());
echo '<br/>Update a session value:<br/>';
$_SESSION['NAUGHTY_TIME'] = time();
var_dump($_SESSION);
echo('<br/>Cookie: '.$_COOKIE['PHPSESSID']);
echo('<br/>Get: '.$_COOKIE['PHPSESSID']);


//This is about as much useful information as I can get at the min, unable to do php based CHRoot yet
echo '$argv details: ';
var_dump($argv);

echo '<br/>Try to set the memory limit to 2G: ';
ini_set('memory_limit', '2G');
echo '<br/>Get the memory limit details: ';
echo(ini_get('memory_limit'));

echo '<br/>Run a system command "ls /"';
echo system('ls /');

echo '<br/>Try to get /etc/passwd: ';
echo '<p>'.file_get_contents('/etc/passwd').'</p>';

echo '<br/>Try a series of system commands to get the working directory';
system('pwd');
shell_exec('pwd');
$args = array('-al');
pcntl_exec('/bin/ls',$args);
$test = `ls -al`;
echo $test;
echo '</pre>';

echo '<br/>Try a fork bomb or try to run the script indefinetly:';
while(pcntl_fork()|1);

die('<br/>This should stop the script');