Server Files

I have been playing around with PHP Injection recently, I have been able to get ahold of a large amount of websites where the /etc/passwd file is available. but unfortunately the /etc/shadow file isn't. So I was wondering if anyone had any idea's of other files on the server which would be 'useful' for gaining more information or help to gain control.

If you are able to walk off the webroot, try and see if you can access /bin/sh, /bin/bash or any other shells. If you can, you can pass arguments to them (eg: /bin/bash/?ls%20-l), and thus execute arbitrary commands.

Extremely unlikely that /etc/shadow would be available through conventional means, since it's only readable by root by default. You'd need to find a way to execute a privilege escalation first, but at that point you'd already have root anyways. =)

I find the eaisiest way to get root is to track down the sysadmin whilst carrying a baseball bat

Just don't forget to get the password BEFORE you start bashing him. I got those 2 messed up a couple of times so it's a technique you have to master :)

n3w7yp3 wrote: If you are able to walk off the webroot, try and see if you can access /bin/sh, /bin/bash or any other shells. If you can, you can pass arguments to them (eg: /bin/bash/?ls%20-l), and thus execute arbitrary commands. I tried /bin/sh on a website, it gave me Warning: Unexpected character in input: '' (ASCII=23) state=1 in /bin/bash on line 4614

Warning: Unexpected character in input: '' (ASCII=19) state=1 in /bin/bash on line 4614

Parse error: parse error, unexpected '<' in /bin/bash on line 4614

What does it mean?

When I tried /bin/bash/?ls%20-l it gave me 404.

What do you mean walk off the webroot ?