Answer the question
In order to leave comments, you need to log in
C
C
Chvalov2014-07-09 22:56:14
Chvalov, 2014-07-09 22:56:14
Vulnerability in PHP, how to hide or protect yourself?
I have a site blablabla.ua found on it Vulnerability
more precisely PHP version - 5.3.12
The scanner showed CVE-2012-1823
But if you add "/?-s" or "/?-d" or "/?-c" in the address bar " then nothing happens
. I keep the site from a local provider.
He also replied that no one would change anything on the server for the sake of one of my sites.
That's the task of how to hide or protect yourself, will CloudFlore help me
or the fact that he hides my ip under a proxy will not help me and a bad person will be able to get through to the site ??
At the same time, if you go to the ip of my site itself, then it will not lead anywhere, an empty page.
I think that he will not be able to reach the site, since the ip will be from CloudFlore, and even if he finds out the real one, he will get to an empty page.
and Metasploit (exploit/multi/http/php_cgi_arg_injection) will not help him in any way, since the remote IP is indicated there, and not the URL
Am I right??
P.S. I don’t want to buy hosting, because the site is not monetized and will not be
1 answer(s)
@Alexufo
pen-test.ru/cve-2012-1823
If it is, it will display the source code of your page. So sleep well.
A
Alexander Borisovich, 2014-07-10 @Alexufo
There is a vulnerability in some CGI based setups (Apache + mod_php and Nginx + PHP-FPM not affected) that has gone undetected for at least 8 years. Section 7 of the CGI specification says:
pen-test.ru/cve-2012-1823
If it is, it will display the source code of your page. So sleep well.
Similar questions
M
M
S
V
D
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question