Re: PHP Directory Transversal
From: David M. Zendzian (dmz_at_dmzs.com)
Date: 03/10/05
- Previous message: Andres Molinetti: "Re: PHP Directory Transversal"
- In reply to: Andres Molinetti: "PHP Directory Transversal"
- Next in thread: Cedric Foll: "Re: PHP Directory Transversal"
Date: Thu, 10 Mar 2005 10:02:02 -0800
To: Andres Molinetti <andymolinetti@hotmail.com>
He probably has php in 'safe-mode'.
Check this: http://us4.php.net/features.safe-mode
Andres Molinetti wrote:
> Hi,
>
> Working on a Web app testing...I have found that it uses the
> so-vulnerable method of including files requested by php parameters:
>
> www.example.com/static.php?page=hello.htm
> (htm files are in /templates dir)
>
> As the page in the parameter is requested statically, I did a
> www.example.com/static.php?page=../static.php and I got that page
> source code.
>
> Therefore, I tried doing a
> www.example.com/static.php?page=../../../../../../etc/passwd
> but I get an error saying that file doesn't exist.
>
> I used the same source code in my server, and I could retrieve the
> file...what can be happening? I don't think it is under a chroot jail...
>
> I'm working with Apache 2.0.48 and PHP 4.3.4
> and the real server has Apache 2.0.52 and PHP 4.3.9....
>
> Thanks in advance,
> Andy
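
The page-parameter lookup discussed in this thread, in a hardened form, as an added example that is not part of the original messages and not the tested application's code. The function name resolveTemplate() and the temporary directory layout are assumptions, and the syntax targets current PHP rather than the 4.3.x versions mentioned above.

```php
<?php
// Added example: hypothetical hardened lookup for a static.php-style page loader.
// resolveTemplate() and the directory layout below are assumptions for illustration.

/**
 * Map a user-supplied ?page= value to a file inside $templateDir,
 * or return null if the request does not resolve to a template there.
 */
function resolveTemplate(string $templateDir, string $page): ?string
{
    // Accept only a plain file name with an expected extension:
    // no slashes, no "..", no NUL bytes, no stream wrappers.
    if (!preg_match('/\A[A-Za-z0-9_-]+\.html?\z/', $page)) {
        return null;
    }
    $base = realpath($templateDir);
    $path = realpath($templateDir . DIRECTORY_SEPARATOR . $page);
    if ($base === false || $path === false) {
        return null; // missing directory or file
    }
    // Defence in depth: once symlinks are resolved, the file must still
    // sit directly under the template directory.
    if (dirname($path) !== $base || !is_file($path)) {
        return null;
    }
    return $path;
}

// Constructed layout: <tmp>/static.php and <tmp>/templates/hello.htm
$root = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'lfi_demo_' . getmypid();
@mkdir($root . '/templates', 0700, true);
file_put_contents($root . '/static.php', "<?php /* app source */\n");
file_put_contents($root . '/templates/hello.htm', "<p>hello</p>\n");

// Constructed requests, using the parameter values quoted in the thread.
$requests = ['hello.htm', '../static.php', '../../../../../../etc/passwd', 'missing.htm'];
foreach ($requests as $page) {
    $file = resolveTemplate($root . '/templates', $page);
    if ($file === null) {
        echo "$page => 404\n";
    } else {
        // readfile() only outputs bytes; include would execute PHP in the file.
        echo "$page => ";
        readfile($file);
    }
}
```

Safe mode, suggested in the reply above, was removed in PHP 5.4, so the containment check has to live in the application; open_basedir can back it up at the configuration level.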