Using mail() for Remote Code Execution

Thu 03 November 2011 by geoffrey

Last week we had to assess the security level of a PHP web application from its source code, in a white-box context. During this audit we found original ways to take advantage of the mail() function for remote code execution and file disclosure attacks while bypassing open_basedir. This article explains ...
