|
|
|
|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 70
Members: 0
Total: 70
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
|
db6cb849c564d13b194bc210f599fe241d79687c
Based on their history, should be 8 characters, mixed a-z0-9
root:$1$k8wFozcA$p3Nt2EX0APMq4DOR8elmC.:13896:0:99999:7:::
chris:$1$FUak9WV9$VqCjDswWig4DcUPN ... |
|
|
|
pZourk |
|
Replies: 6 |
Views: 14237 |
|
|
|
|
|
|
I decided to look into this. I think I found the site in question, and article.php?sid=1&cid=../../../../../etc/passwd%00 does work, but it looks like shadow is being used, but article.php?sid=1&a ... |
|
|
|
|
I found this some time back and was helpful.
http://www.0x000000.com/index.php?i=357&bin=101100101 |
|
|
|
pZourk |
|
Replies: 12 |
Views: 11877 |
|
|
|
|
|
|
I think I will call it quits on this one. The best I have gotten there is access to a user that can only see some 'secret' subforums, which is how I found out about the file uploader. Once again thank ... |
|
|
|
pZourk |
|
Replies: 12 |
Views: 11877 |
|
|
|
|
|
|
.htaccess is renamed to 1.htaccess
Thank you for the help though. |
|
|
|
pZourk |
|
Replies: 12 |
Views: 11877 |
|
|
|
|
|
|
is it possible to upload outside of the upload folder? i suspect the webmaster has disabled php execution there.That's exactly my problem. I cannot.
If I was able to, I would have those passwords a l ... |
|
|
|
pZourk |
|
Replies: 12 |
Views: 11877 |
|
|
|
|
|
|
The only working php files on the site are not in the upload folder. The only ones ever in there are ones I hav tried uploading. I had not thought of using cgi. I will try that.
UPDATE:
I tried cg ... |
|
|
|
pZourk |
|
Replies: 12 |
Views: 11877 |
|
|
|
|
|
|
A site has a file upload cgi script. I am able to upload anything to http://www.example.com/dropbox/files/ (I know of no way to specify the output folder) but also delete any file from example.com and ... |
|
|
Page 1 of 1 |
All times are GMT |
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|