WebApp Sec mailing list archives
Re: PHP Directory Transversal
From: "David M. Zendzian" <dmz () dmzs com>
Date: Thu, 10 Mar 2005 10:02:02 -0800
He probably has php in 'safe-mode'. Check this: http://us4.php.net/features.safe-mode

Andres Molinetti wrote:

Hi,

Working on a Web app testing... I have found that it uses the so-vulnerable method of including files requested by php parameters:

www.example.com/static.php?page=hello.htm (htm files are in /templates dir)

As the page in the parameter is requested statically, I did a www.example.com/static.php?page=../static.php and I got that page source code.

Therefore, I tried doing a www.example.com/static.php?page=../../../../../../etc/passwd but I get an error saying that file doesn't exist.

I used the same source code in my server, and I could retrieve the file... what can be happening? I don't think it is under a chroot jail...

I'm working with Apache 2.0.48 and PHP 4.3.4 and the real server has Apache 2.0.52 and PHP 4.3.9....

Thanks in advance,
Andy
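A hardened form of the page-parameter pattern discussed in this message, added here as an example and not code from either poster. The function name resolve_template(), the templates path and the .htm restriction are assumptions based on the URL layout in the post.

```php
<?php
// Added example, not code from the thread. resolve_template() and the
// directory layout are assumptions made for illustration.

/** Map a user-supplied page name to a file inside $baseDir, or null. */
function resolve_template(string $baseDir, string $page): ?string
{
    // Reject empty names and NUL bytes (old PHP truncated paths at NUL).
    if ($page === '' || strpos($page, "\0") !== false) {
        return null;
    }
    $base = realpath($baseDir);
    if ($base === false) {
        return null;
    }
    // realpath() resolves "../" and symlinks; it returns false if missing.
    $target = realpath($base . DIRECTORY_SEPARATOR . $page);
    if ($target === false || !is_file($target)) {
        return null;
    }
    // The canonical path must still sit under the templates directory.
    $prefix = rtrim($base, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    if (strncmp($target, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    // Serve only the static file type the application means to expose.
    if (strtolower(pathinfo($target, PATHINFO_EXTENSION)) !== 'htm') {
        return null;
    }
    return $target;
}

// The kind of pattern the post describes (reconstructed, an assumption):
//   include 'templates/' . $_GET['page'];
$page = isset($_GET['page']) ? $_GET['page'] : 'hello.htm';
$file = resolve_template(__DIR__ . '/templates', $page);
if ($file === null) {
    http_response_code(404);
    exit('Not found');
}
readfile($file); // readfile() sends the bytes and never executes PHP code
```

Server-side restrictions such as open_basedir act as a second layer behind this check, not as a replacement for it.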