Penetration Testing mailing list archives
RE: PHP Directory Transversal
From: "Ravish" <ravish () xeonext com>
Date: Thu, 10 Mar 2005 23:01:02 +0530
Hello,

This also depends upon the directory path where the script is being executed. You could try adjusting ../ according to the path of your script or can also try

www.example.com/static.php?page=/etc/passwd

Regards,
Ravish
http://www.xeonext.com

-----Original Message-----
From: Andres Molinetti [mailto:andymolinetti () hotmail com]
Sent: Thursday, March 10, 2005 7:52 PM
To: pen-test () securityfocus com
Cc: webappsec () securityfocus com
Subject: PHP Directory Transversal

Hi,

Working on a Web app testing... I have found that it uses the so-vulnerable method of including files requested by php parameters:

www.example.com/static.php?page=hello.htm

(htm files are in /templates dir)

As the page in the parameter is requested statically, I did a

www.example.com/static.php?page=../static.php

and I got that page source code.

Therefore, I tried doing a

www.example.com/static.php?page=../../../../../../etc/passwd

but I get an error saying that file doesn't exist.

I used the same source code in my server, and I could retrieve the file... what can be happening? I don't think it is under a chroot jail...

I'm working with Apache 2.0.48 and PHP 4.3.4 and the real server has Apache 2.0.52 and PHP 4.3.9....

Thanks in advance,
Andy
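The server-side check that stops every request form mentioned in this thread, as an added example that is not part of the original posts and not the tested application's code. It assumes PHP 7.1 or later and the layout Andy describes (static.php one level above a templates directory); resolve_template() and the temporary sandbox are hypothetical and constructed for the demonstration.

```php
<?php
// Added example: confine a ?page= parameter to the templates directory.
// resolve_template() and the directory layout are hypothetical.
function resolve_template(string $baseDir, string $page): ?string
{
    $base = realpath($baseDir);
    if ($base === false) {
        return null;                       // templates directory missing
    }
    // Allowlist: a bare file name ending in .htm. This rejects "../",
    // absolute paths, NUL bytes and any other directory separator.
    if (!preg_match('/\A[A-Za-z0-9_-]+\.htm\z/', $page)) {
        return null;
    }
    // Defence in depth: resolve symlinks and confirm the result is still
    // inside the base directory before the file is opened.
    $resolved = realpath($base . DIRECTORY_SEPARATOR . $page);
    if ($resolved === false || !is_file($resolved)) {
        return null;
    }
    $prefix = $base . DIRECTORY_SEPARATOR;
    if (strncmp($resolved, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $resolved;
}

// Constructed sandbox mirroring the layout described in the thread:
// <root>/static.php and <root>/templates/hello.htm
$root = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'lfi_demo_' . getmypid();
mkdir($root . '/templates', 0700, true);
file_put_contents($root . '/static.php', "<?php /* placeholder */\n");
file_put_contents($root . '/templates/hello.htm', "<p>hello</p>\n");

// The four parameter values that appear in the thread.
$inputs = ['hello.htm', '../static.php',
           '../../../../../../etc/passwd', '/etc/passwd'];
foreach ($inputs as $page) {
    $path = resolve_template($root . '/templates', $page);
    printf("%-32s %s\n", $page, $path === null ? 'rejected' : 'served');
}

// In the request handler, static content is sent with readfile(), not
// include, so a template can never be executed as PHP:
//   $page = $_GET['page'] ?? '';
//   $path = is_string($page) ? resolve_template(__DIR__ . '/templates', $page) : null;
//   if ($path === null) { http_response_code(404); exit; }
//   readfile($path);
```

Because the decision is made on the resolved path and not on the raw string, the result does not depend on how many ../ segments a request carries or on where the script sits in the filesystem.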