|
|
|
|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 66
Members: 0
Total: 66
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
FTP access.. now how to access other sites |
|
Posted: Tue Feb 12, 2008 5:14 am |
|
|
gibbocool |
Advanced user |
|
|
Joined: Jan 22, 2008 |
Posts: 208 |
|
|
|
|
|
|
|
So I have FTP access to a website that is hosted by a host for hundreds of sites and can upload r57 or c99 etc. I can't access any higher than the /home/user directory. /home/ has permissions drwxr-x--x
I can get the etc/passwd but not etc/shadow.
I want to be able to access other sites files. |
|
|
|
|
Posted: Tue Feb 12, 2008 6:37 am |
|
|
pexli |
Valuable expert |
|
|
Joined: May 24, 2007 |
Posts: 665 |
Location: Bulgaria |
|
|
|
|
|
|
Upload shell.Search httpd.conf and find full path to other sites.Then try to enter on other sites.Only root have access to /etc/shadow and some bug appz. |
|
|
|
|
Posted: Tue Feb 12, 2008 12:46 pm |
|
|
gibbocool |
Advanced user |
|
|
Joined: Jan 22, 2008 |
Posts: 208 |
|
|
|
|
|
|
|
looks like all the other sites dont have read permission for me. I actually do have read permission for / and quite a few of it's subdirs. I found a file telling me the names of sites and their username. no pw. I tried changing dir to /home/user but no go. I tried /home/user/www/ and /home/user/public_html/ no go. Any ideas?
Anyone know where the mysql databases are stored? or something interesting? |
|
|
|
|
Posted: Tue Feb 12, 2008 1:34 pm |
|
|
pexli |
Valuable expert |
|
|
Joined: May 24, 2007 |
Posts: 665 |
Location: Bulgaria |
|
|
|
|
|
|
All depend from server and his webamsters.I think you are in "jail".Search some backup files or some other intresting files.maybe you find other ftp access or something more intresting.
btw
..in httpd.conf keep's only full path to every site on server no pw's inthere.
P.S.Post pls "id" on your shell on server. |
|
|
|
|
www.waraxe.us Forum Index -> Newbies corner
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|