|
|
|
|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 101
Members: 0
Total: 101
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
The King of PHP-Injection? |
|
Posted: Sat Aug 16, 2008 5:21 pm |
|
|
cO2_dz |
Regular user |
|
|
Joined: Aug 12, 2008 |
Posts: 10 |
Location: Algeria |
|
|
|
|
|
|
Hey all XD, need to know a solution for this fucking BUG,
it's not a LFI bug,It's just a RFD remote file disclosure vulnerability for some uploaded pics ,
Hep brothers if anyone can to do something simple for this injection through PHP,
It break my head XD I tried somes things simple like local/Remote file/command inclusion and also somes codes PHP but nothing at all,
It works not well, therefore tried may be you can do something . . .
And a small bug blind SQL :
Code: | http://www.URL.com/file.php?varX=[ID_img]+(AND+1=1);
http://www.URL.com/file.php?varX=[ID_img]+(AND+1=0); |
the RFD bug was here,
Code: | http://www.URL.com/file.php?varX=&../../../../../../../img/arrows.gif? |
I can't read/see the /etc/passwd or any others filles XD just pics
And the pic it was uploaded just here URL.com/img/arrows.gif , U see?
"?" its the same for %00 just i have decode it coz the script not accepting the encoding URL (%00)
and also in the source page of this injection PHP i found as the example above i mean when i add the bug:
http://URL.com/File.php?var=&xxxAlgerianHackerxxx
In the source page i find this :
Code: | <img src="images/img_xxxAlgerianHackerxxx.jpg" |
http://URL.com/File.php?var=&../../../../../../../img/arrows.gif?.jpg
In the source page i find this :
Code: | <img src="images/img_../../../../../../../img/arrows.gif?.jpg" |
All my respect;
/cO² |
|
|
|
|
|
|
|
|
Posted: Sat Aug 16, 2008 8:32 pm |
|
|
waraxe |
Site admin |
|
|
Joined: May 11, 2004 |
Posts: 2407 |
Location: Estonia, Tartu |
|
|
|
|
|
|
Sorry, but i fail to see any RFI/LFI of file disclosure here. It may be XSS at best ... |
|
|
|
|
Posted: Sat Aug 16, 2008 10:38 pm |
|
|
cO2_dz |
Regular user |
|
|
Joined: Aug 12, 2008 |
Posts: 10 |
Location: Algeria |
|
|
|
|
|
|
waraxe wrote: | Sorry, but i fail to see any RFI/LFI of file disclosure here. It may be XSS at best ... |
It is XD , it's a Remote File Disclosure Vulnerability, not a Local file inclusion[LFI], And also not a Remote file inclusion [RFI]
Code: | http://www.URL.com/file.php?varX=&../../../../../../../img/arrows.gif? |
It work
It's the same for this , u see? it's a RFD bug
Code: | http://www.URL.com/img/arrows.gif |
/cO2 |
|
|
|
|
Posted: Sun Aug 17, 2008 1:41 am |
|
|
gibbocool |
Advanced user |
|
|
Joined: Jan 22, 2008 |
Posts: 208 |
|
|
|
|
|
|
|
You obviously can't read anything lower than the public web directory.
Try find some config file?
../../config.php?
But that won't even work becuase it will parse the php file. |
|
|
|
|
www.waraxe.us Forum Index -> Full path disclosure
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|