Waraxe IT Security Portal

lowbird · Regular user

Hello

I try to get access to a Wbb3.0.8pl Forum (want to drop a shell).

First of all:
- I already have full access to a Mysql-Database which is running on my target- Server.
- I also have Read - Access to the Forum-Database. (i am using Navicat)
- I have two Super-Moderator - accounts.
- I have access to an gmx.net account from one of the two admins.
- Its an Apache/2.2.9 (Fedora) Server

Do anyone maybe know, how i can upload my shell.php on this server ? :S I already tryed several things, but cant get it working. Is there maybe an exploit i could use ?

Hope you have a few new ideas, on what i could try Smile

(sry for my bad english)
(I write my English examen in 2 weeks but cant speak english lol Very Happy

)

ingh1pped · Advanced user

lowbird · Regular user

Thats the problem.. i dont have the rights, to create a file as MySQL - User.

So SELECT "your php code" INTO OUTFILE 'path/of/yoursite/file.php' doesnt work :S

maybe another idea?

ingh1pped · Advanced user

ok.. i' ve just installed this board.. i'm trying to upload a shell from templates..
there is the list of templates.. and the button modify templates...
then you find the html code..
just copy and paste your shell like Joomla templates.. and the find the right path of original template..
haven't you try this way?
if this doesn't work i try to find another way from the cms code... :/

try to create e new group of template.. and then add a template.. i succesfully upload my shell but the extension is .tpl and then there is a problem to read my shell's file... i'm trying.. Wink

pexli · Valuable expert