Penetration Testing mailing list archives
Re: Directory Traversal on File Upload
From: mcleano <almcer () hotmail com>
Date: Tue, 2 Aug 2011 04:39:57 -0700 (PDT)
In regards to the .htaccess suggestion, I tried uploading my own one with the following:

    AllowOverride All
    AddType application/x-httpd-php5 .htm .html .php .blog .comment .inc
    DirectoryIndex try.php
    Options +Indexes +MultiViews +FollowSymlinks
    allow from all

but still no luck. I'm now questioning whether or not my file is actually being uploaded too (it might just be a bug in the code that always says the file has been uploaded). Even if I try to access a file that doesn't exist, such as "/thisfiledoesntexist.php", I still get the 502 error message, which is what is making me question whether the upload worked.

Could you elaborate more on how you would do your first suggestion? This has crossed my mind, but I struggled to make it work. My JavaScript injections didn't seem to work, and I think this was because the form field type is "file". And also, the file is local on my machine, so is it meant to look like "../C:/blah/blah/blah.php"?

Adam Mooz wrote:
> Out of curiosity, have you tried setting the upload path to "./../hostile.script", or "../hostile.script"? Or uploading your own .htaccess file to override the noexec directive?
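The thread turns on two upload-handler weaknesses: a client-supplied filename that carries path separators (so "../" or "../C:/..." components reach the filesystem), and the server storing dotfiles such as .htaccess that Apache will honour as per-directory configuration. The following is an added example, written for this archive page and not code from anyone in the thread, showing how an upload handler neutralises both: it keeps only the final path component regardless of separator style, refuses dotfiles and multi-extension names, allow-lists extensions, lets the server choose the stored name, and finally checks that the canonical target path is still inside the upload root. The upload directory, the extension allow-list and the blocked-basename set are assumptions for the example.

```python
import os
import re
import secrets

# Assumed deployment values for this example (not from the thread).
UPLOAD_DIR = "/var/www/uploads"
ALLOWED_EXTENSIONS = {".png", ".jpg", ".jpeg", ".gif", ".pdf"}
# Per-directory Apache config files: never store these whatever the allow-list says.
BLOCKED_BASENAMES = {".htaccess", ".htpasswd"}


class UnsafeFilename(ValueError):
    """Raised when a client-supplied filename cannot be stored safely."""


def sanitize_filename(client_name: str) -> str:
    """Reduce a client-supplied name to a single safe basename with one allowed extension."""
    # Keep only the last path component; browsers may send "/" or "\" separators,
    # and a traversal attempt like "../C:/blah/blah.php" collapses to "blah.php".
    name = client_name.replace("\\", "/").rsplit("/", 1)[-1]
    # Drop NUL bytes and other control characters that confuse C-level path handling.
    name = "".join(ch for ch in name if ch.isprintable())
    if not name or name.startswith("."):
        # Covers "", ".", "..", ".htaccess" and any other dotfile.
        raise UnsafeFilename("empty name or dotfile rejected")
    if name.lower() in BLOCKED_BASENAMES:
        raise UnsafeFilename("Apache config file name rejected")
    stem, ext = os.path.splitext(name)
    ext = ext.lower()
    if ext not in ALLOWED_EXTENSIONS:
        raise UnsafeFilename(f"extension {ext!r} not allowed")
    if "." in stem:
        # "shell.php.jpg" has stem "shell.php"; with MultiViews or a permissive
        # AddType the inner extension may still select a handler, so reject it.
        raise UnsafeFilename("multiple extensions not allowed")
    # Whitelist the remaining characters and bound the length.
    stem = re.sub(r"[^A-Za-z0-9_-]", "_", stem)[:64] or "file"
    return stem + ext


def safe_target_path(client_name: str, upload_dir: str = UPLOAD_DIR) -> str:
    """Return the absolute path the upload will be written to, or raise UnsafeFilename."""
    basename = sanitize_filename(client_name)
    # Server-chosen random prefix: the client never controls the full stored name.
    stored = f"{secrets.token_hex(8)}_{basename}"
    root = os.path.realpath(upload_dir)
    target = os.path.realpath(os.path.join(root, stored))
    # Defence in depth: the canonical path must remain under the upload root
    # even if an earlier check is ever weakened.
    if os.path.commonpath([root, target]) != root:
        raise UnsafeFilename("resolved path escapes the upload directory")
    return target


def is_accepted(client_name: str) -> bool:
    """Convenience wrapper: True if the name would be stored, False if rejected."""
    try:
        sanitize_filename(client_name)
        return True
    except UnsafeFilename:
        return False


if __name__ == "__main__":
    # Constructed sample names mirroring the cases raised in the thread.
    for candidate in ["photo.png", "../C:/blah/blah/blah.php", ".htaccess",
                      "..\\..\\hostile.script", "shell.php.jpg"]:
        print(f"{candidate!r:32} accepted={is_accepted(candidate)}")
```

The realpath check at the end is deliberately redundant with the basename reduction: the thread shows how easy it is to be unsure what an upload routine actually did, and a handler that verifies its final target rather than trusting its own sanitisation fails closed if a later change reintroduces a separator.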
Current thread:
- Directory Traversal on File Upload mcleano (Aug 01)
- Re: Directory Traversal on File Upload Adam Mooz (Aug 01)
- Re: Directory Traversal on File Upload mcleano (Aug 04)
- RE: Directory Traversal on File Upload Brett Moore (Aug 01)
- RE: Directory Traversal on File Upload mcleano (Aug 04)
- Re: Directory Traversal on File Upload Adam Mooz (Aug 01)