admin login/directory exploit help
ok. so i was messing around with the directories of a site that i frequent and found that they don't block most of them (www.example.com/images, www.example.com/templates, ect…) i was wondering if there were any common exploits that i could use in them to gain admin access:happy:. Also i found that they use admin.php for admin pages but it gives me this "internal server error. check your settings" if i try and access them…i thought off hand that i might need a different PSSESID to give me admin clearance but im still pretty new to the game. I would really like a shove in the right direction or some advice on this one.
And just to be clear i have no intention of causing any harm to the site i will report any and all exploits that i find to the admins. Just getting a rush from applying what ive learned so far. This site and hackthissite.org are great. you all inspire me. :D
well, having directories list their contents is not a vulnerability.
however, things you may find while trolling around directories could get you somewhere.
- look through ALL the directories and ALL the pages and the source of everything to try and find as much as you can.
now, try to find a copy of the admin.php file, it is probably open source. sry g2g peace
lol i know just looking at the directories isn't an exploit its just usually they are blocked. And yeah the admin. files in the template directory aren't blocked but so far i haven't found anything of much use. there are a lot of files tho so ill keep looking. Thanks tho man:happy:
-not to try is to fail
DigitalFire wrote: well, having directories list their contents is not a vulnerability.
no but it is bad practice and probably means the admin is either sloppy or unintelligent and probably has made more mistakes if you look around
You generally shouldnt let any old person be able to look through your directorys for the reasons mentioned.
Anyways, as someone mentioned above, its pretty sloppy work, but i've seen plenty of sites myself that leave a ton of open directories, but that doesn't always mean your gonna find a bunch of vulnerabilities, an old school of mine had a TON of open directories, and i, and i even had system look around a bit, neither of us could really find anything, once it came to a file that had anything worth looking at /admin/ or /source-db/ etc. THAT they had locked down. Anyways, all im getting too is don't get your hopes up too much, its not always as easy as finding an open dir and being able to find passwords and that. (mostly that thought comes from some of the onsite challs, but truly there just to give you the idea of learning certain things.). I mean i could be wrong, and yeah there more than likely pretty sloppy but for the most part, if u really discover a dir thats important, it'll probably be prote cted. , later (wow, thats like the second longest post i've ever typed, yay.:ninja:
lesserlightsofheaven wrote: [quote]S1L3NTKn1GhT wrote: its rarely as easy as finding an open dir and being able to find passwords and that. (mostly that thought comes from some of the onsite challs, but truly there just to give you the idea of learning certain things.)
Fix'd.[/quote]
LOL, thx lesser B)
thanks for the feedback guys. I was up all night trying to find something, anything, that could lead to a possible exploit. Ive found a bunch of hidden dir. but none have given up much valuable info. Tho i have found a "mail" dir that needs admin authentication but when you hit cancel it redirects you to the mail page anyway and it gave me a weird cookie that when i decoded it with N-F tools (md5 hash i think) it gave me what looks like a PHPSESSID that maybe i can use to get authentication for other admin pages. but i havent tried it yet.
and yeah lol there is no way i could hack hackthissite.org …that made me laugh…:D