Welcome! Log In Create A New Profile

Advanced

Help! Nginx Vulnerable Remote file inclusion

December 02, 2011 11:48PM
I really need help here :(

my forum got hacked 3 times, and i detected the hacker use RFI(Remote file inclusion) after i found an avatar image contain Phpshell code inside it. and the weird thing is when i tried to use RFI on Apache it will not run the phpshell,

You can see here:

http://www.ceriwis.org/rfi.php?hal=ass.jpg <------------ using NGINX and phpshell executed

and

http://ceri.ws/rfi.php?hal=ass.jpg <---------------- using Apace and phpshell unable to executed

im using Nginx 0.8.53 and php-fpm

I really need solution to solve my problem guys. i want to stop the image to get executed like Apache does..
Please give me solution. thanks
Subject Author Posted

Help! Nginx Vulnerable Remote file inclusion

escavern December 02, 2011 11:48PM

Re: Help! Nginx Vulnerable Remote file inclusion

escavern December 02, 2011 11:49PM

Re: Help! Nginx Vulnerable Remote file inclusion

Tim Mensch December 03, 2011 12:12AM

Re: Help! Nginx Vulnerable Remote file inclusion

escavern December 03, 2011 12:47AM

Re: Help! Nginx Vulnerable Remote file inclusion

Tim Mensch December 03, 2011 12:52AM

Re: Help! Nginx Vulnerable Remote file inclusion

escavern December 03, 2011 01:36AM

Re: Help! Nginx Vulnerable Remote file inclusion

Mark Alan December 03, 2011 04:44AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 63
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready