
PHP LFI Question.


ghost's Avatar

I was looking at a friend's website and came across this message after putting in ../../../../../../../../../../../etc/passwd%00 in the 'page=' parameter.

Warning: include(../../../../../../../../../../../etc/passwd\0/../../../../../../../../../../../etc/passwd\0.html) [function.include]: failed to open stream: No such file or directory in /var/www/hiden.com/index.php on line 121

Warning: include(../../../../../../../../../../../etc/passwd\0/../../../../../../../../../../../etc/passwd\0.html) [function.include]: failed to open stream: No such file or directory in /var/www/hiden.com/index.php on line 121

Warning: include() [function.include]: Failed opening '../../../../../../../../../../../etc/passwd\0/../../../../../../../../../../../etc/passwd\0.html' for inclusion (include_path='.:/usr/share/php:/usr/share/pear') in /var/www/hiden.com/index.php on line 121

Does this mean that in the PHP code there is a white list of accepted includes?

I just do not get why it says "failed to open stream: No such file or directory in /var/www/hiden.com/index.php". What does it mean, no such file or directory IN INDEX.PHP?

Also, what is that include path for? Is it all the files that are allowed to be included in the page?


ghost's Avatar

apescanfly223 wrote:
[quote]<snip> Warning: include(../../../../../../../../../../../etc/passwd\0/../../../../../../../../../../../etc/passwd\0.html) [function.include]: failed to open stream: No such file or directory in /var/www/hiden.com/index.php on line 121 <snip>[/quote]

Looks like it's either confused about the null byte or has default behavior configured for it. Try the traversal without the null byte (or with an actual PHP null byte - '\0') at the end and see what response you get. Also, try more ../ to see if you can "break out".

[quote]Does this mean that in the PHP code there is a white list of accepted includes?[/quote]

If it is, it's white-listing HTML files. It could also just be appending ".html" to the end of whatever gets included (likely).

[quote]I just do not get why it says "failed to open stream: No such file or directory in /var/www/hiden.com/index.php". What does it mean, no such file or directory IN INDEX.PHP?[/quote]

Read the whole error: "No such file or directory in /var/www/hiden.com/index.php on line 121". It means that the line attempting the include is on line 121 of index.php's source.

[quote]Also, what is that include path for? Is it all the files that are allowed to be included in the page?[/quote]

Looks like a default path for PEAR includes. I'd say it's one of a couple paths available for includes… hence, why you got more than one error.

Keep at it and vary your injection techniques on the GET variable… you'll get it.
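
For whoever maintains a page loader like the one in these warnings, here is one way to close the hole, as an added example that is not part of either post and not the site's code. The reconstructed include line, the `resolve_page` helper, the allowlist and the demo directory are assumptions made for illustration.

```php
<?php
// Added example, not the code of the site discussed in the thread.
// Assumption: the warning implies line 121 builds the include path from the
// request, roughly: include($_GET['page'] . '/' . $_GET['page'] . '.html');

// Warnings like the ones quoted above disclose the script path and
// include_path; log them instead of sending them to the browser.
ini_set('display_errors', '0');
ini_set('log_errors', '1');

/**
 * Map a requested page name to a file inside $baseDir.
 * Returns the canonical path to serve, or null when the request is rejected.
 * $pages is the allowlist: request value => file relative to $baseDir.
 */
function resolve_page(string $requested, string $baseDir, array $pages): ?string
{
    // 1. Request input is only ever used as a lookup key, never as a path.
    if (!array_key_exists($requested, $pages)) {
        return null;
    }
    // 2. Defence in depth: the canonical target must stay inside $baseDir,
    //    which also catches symlinks and mistakes in the allowlist itself.
    $base = realpath($baseDir);
    $path = realpath($baseDir . '/' . $pages[$requested]);
    if ($base === false || $path === false) {
        return null;
    }
    $prefix = $base . DIRECTORY_SEPARATOR;
    return strncmp($path, $prefix, strlen($prefix)) === 0 ? $path : null;
}

// Constructed demo: a temporary page directory holding one page.
$baseDir = sys_get_temp_dir() . '/lfi_demo_' . getmypid();
@mkdir($baseDir . '/home', 0700, true);
file_put_contents($baseDir . '/home/home.html', '<h1>Home</h1>');
$pages = ['home' => 'home/home.html'];   // hypothetical allowlist

// Constructed request values, including the shapes seen in the thread.
foreach (['home', '../../../etc/passwd', "home\0", 'home/../home'] as $input) {
    $path = resolve_page($input, $baseDir, $pages);
    printf("%-22s => %s\n", addcslashes($input, "\0"), $path ?? 'rejected (send 404)');
}
```

Only `home` resolves; every other value is rejected before any filesystem call sees it. For static `.html` pages, sending the returned path with `readfile()` rather than `include` means the file's contents are never executed as PHP.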


ghost's Avatar

Great help, thanks so much :D