 |
|
 |
 |
Menu |
 |
|
 Home |
| |
|
 Discussions |
| |
|
 Tools |
| |
|
| Affiliates |
| |
|
 Content |
| |
|
 Info |
| | |
|
|
|
|
|
User Info |
|
 Membership:
 Latest: MichaelSnaRe
 New Today: 0
 New Yesterday: 0
 Overall: 9144
 People Online:
 Visitors: 75
 Members: 0
 Total: 75
|
|
|
|
|
|
Full disclosure |
|
|
|
 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
|
Is this full path disclosure? |
|
 Posted: Tue Oct 04, 2005 1:58 pm |
 |
|
| Kik |
| Beginner |
 |
|
| Joined: Oct 04, 2005 |
| Posts: 4 |
|
|
|
 |
|
 |
|
I got this:
Warning: main(): Unable to access ./bands/SELECT username password FROM users.php in /home/virtual/site1/fst/var/www/html/letter.php on line 73
Warning: main(./bands/SELECT username password FROM users.php): failed to open stream: No such file or directory in /home/virtual/site1/fst/var/www/html/letter.php on line 73
Warning: main(): Failed opening './bands/SELECT username password FROM users.php' for inclusion (include_path='.:/php/includes:/usr/share/php') in /home/virtual/site1/fst/var/www/html/letter.php on line 73
Is this full path disclosure?
How does this help me? |
|
|
|
|
|
|
|
|
| Posted: Tue Oct 04, 2005 4:30 pm |
|
|
| g30rg3_x |
| Active user |
|
|
| Joined: Jan 23, 2005 |
| Posts: 31 |
| Location: OutSide Of The PE |
|
|
|
|
|
|
the:
"full path disclousure"
its a minor security glitch, and this info can help the attacker to visualize his target more better...
and some cases the attacker uses the information to guest the name of the file or zone to get the "special zone" of admins..
in simply way, just say were is the website or in what directory is...
grettings from mexico |
|
|
|
|
|
Re: .... |
|
| Posted: Wed Oct 05, 2005 4:54 pm |
|
|
| LINUX |
| Moderator |
 |
|
| Joined: May 24, 2004 |
| Posts: 404 |
| Location: Caiman |
|
|
|
|
|
|
| Kik wrote: | I got this:
Warning: main(): Unable to access ./bands/SELECT username password FROM users.php in /home/virtual/site1/fst/var/www/html/letter.php on line 73
Warning: main(./bands/SELECT username password FROM users.php): failed to open stream: No such file or directory in /home/virtual/site1/fst/var/www/html/letter.php on line 73
Warning: main(): Failed opening './bands/SELECT username password FROM users.php' for inclusion (include_path='.:/php/includes:/usr/share/php') in /home/virtual/site1/fst/var/www/html/letter.php on line 73
Is this full path disclosure?
How does this help me? |
correct full path  what help you need ? |
|
|
|
|
| Posted: Wed Oct 05, 2005 6:28 pm |
|
|
| Kik |
| Beginner |
|
|
| Joined: Oct 04, 2005 |
| Posts: 4 |
|
|
|
|
|
|
|
| Not sure, I'm just wondering how I can use this..? |
|
|
|
|
|
Re: .... |
|
| Posted: Wed May 17, 2006 2:00 pm |
|
|
| daemon_azazel |
| Regular user |
|
|
| Joined: Apr 16, 2006 |
| Posts: 17 |
|
|
|
|
|
|
|
| Kik wrote: | I got this:
Warning: main(): Failed opening './bands/SELECT username password FROM users.php' for inclusion (include_path='.:/php/includes:/usr/share/php') in /home/virtual/site1/fst/var/www/html/letter.php on line 73
|
ROFLpimpMAO - looks like someone is trying to inject SQL in local
inclusion HEHEHE |
|
|
|
|
www.waraxe.us Forum Index -> Full path disclosure
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|
