I don’t if this is the best place to post this one.
Anyways, I was taking an attempt to a known certification, and I had to exploit a web app which had a known code execution vulnerability, BUT, all PHP functions that I knew were blacklisted. This is a list that was similar to the one that was blacklisted in this server:
exec,passthru,shell_exec,system,proc_open,popen,curl_multi_exec,show_source,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority
So essentially my question is if there is ANY way to have code execution, WITHOUT using any of the above functions.