|
|
|
|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 55
Members: 0
Total: 55
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
And another stupid question |
|
Posted: Thu May 20, 2004 2:14 pm |
|
|
mircia |
Regular user |
|
|
Joined: May 19, 2004 |
Posts: 7 |
|
|
|
|
|
|
|
I was wondering... is it possible to do something else with php-nuke : e.g. uploading a web-shell (system($cmd); something like that), maybe something more useful.... |
|
|
|
|
Posted: Thu May 20, 2004 3:45 pm |
|
|
waraxe |
Site admin |
|
|
Joined: May 11, 2004 |
Posts: 2407 |
Location: Estonia, Tartu |
|
|
|
|
|
|
If you use remote file inclusion sploits, then you can give any commands to shell (if there is no restrictions, like safe mode, etc...). Another method is, when you use mysql file handling functions (it's possible only, when current mysql user has file permissions) to create in victim server script files with content you needed.
And one more thing - there are many phpnuke add-on modules with security flaws, where you can get remote file inclusion sploits to work. For example popular picture gallery - Coppermine - which (if unpatched) gives many possibilities to potential attacker. |
|
|
|
|
Posted: Thu May 20, 2004 5:53 pm |
|
|
mircia |
Regular user |
|
|
Joined: May 19, 2004 |
Posts: 7 |
|
|
|
|
|
|
|
Maybe you can give a link (or example) to this issue? |
|
|
|
|
Posted: Thu May 20, 2004 7:12 pm |
|
|
waraxe |
Site admin |
|
|
Joined: May 11, 2004 |
Posts: 2407 |
Location: Estonia, Tartu |
|
|
|
|
|
|
|
|
|
|
www.waraxe.us Forum Index -> PhpNuke
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|