Greymatter Remote Command Execution Vulnerability

This paper examines a PHP injection exploit against the Greymatter WebLogging application. It begins with a detailed examination of the exploit and then reviews a sample attack against a remote network. The viewpoint is then changed to that of an administrator of the target network and the six steps of Incident Handling are reviewed. Appendixes are also provided to offer the reader a deeper understanding of the vulnerable Greymatter code and several of the tools discussed in the body of the paper.