Paid Advertising is
ha.ckers sla.cking
Whether this is about, or some other project you are interested in or want to talk about, throw it in here to get feedback. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
Once you are in...
Posted by: lpilorz
Date: January 18, 2007 04:50AM

So, you found a code execution bug in some PHP app. Now, you'd like to have some tools for getting as much information from the server as you can. I think we could post some of the useful stuff here.

For a good start - listing the directory content bypassing open_basedir restrictions (tested on PHP 4.4.1):
It does not list all the directories and files, but it's meant to be fast rather than accurate.

I found the glob() warning bug by myself, but it was reinventing the wheel - Peter Brodersen found it back in 2005:

Feedback and all your little tools are welcome :)

(Edit: it doesn't list dirs/files you have open_basedir rights to, and those starting with the same letter as one of the already listed, e.g.
Real dir content:

Edited 2 time(s). Last edit at 01/18/2007 04:54AM by lpilorz.

Options: ReplyQuote

Sorry, only registered users may post in this forum.