From: David M. Zendzian (dmz@dmzs.com)
Date: Thu Mar 10 2005 - 13:02:02 EST
He probably has php in 'safe-mode'.
Check this: http://us4.php.net/features.safe-mode
Andres Molinetti wrote:
> Hi,
>
> Working on a Web app testing...I have found that the uses the
> so-vulnerable method of including files requested by php parameters:
>
> www.example.com/static.php?page=hello.htm
> (htm files are in /templates dir)
>
> A the page in the parameter is requested statically, I did a
> www.example.com/static.php?page=../static.php and I got that page
> source code.
>
> Therefore, I tried doing a
> www.example.com/static.php?page=../../../../../../etc/passwd
> but I get an error saying that file doesn't exist.
>
> I user the same source code in my server, and I could retrieve the
> file...what can be happening? I don't think it is under a chroot jail...
>
> I'm working with Apache 2.0.48 and PHP 4.3.4
> and the real server has Apache 2.0.52 an PHP 4.3.9....
>
> Thanks in advance,
> Andy
>
> _________________________________________________________________
> Descarga gratis la Barra de Herramientas de MSN
> http://www.msn.es/usuario/busqueda/barra?XAPID=2031&DI=1055&SU=http%3A//www.hotmail.com&HL=LINKTAG1OPENINGTEXT_MSNBH
>
>
>
>
>
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:17 EDT