Can This Website Be Exploited?
After reading about SQL injections and JS injections, it made me remember this PHP link on a certain website..
http://www../file.php?loc=*
It calls upon the location of a certain file, and then places it in a link for our downloading convenience. The only (unfortunate) problem is, it only gives links to files with extensions (e.g. .txt, .jpg) - I realised this after trying to download entire directories :D. Also, 403s still apply. If you try and download a file that is forbidden or not there, it gives you a link to a page containing the 404/403 error.
This particular site also has a forum board. At first glance it looks like a different URL, but after messing around with some directories I realised it is just under the category /forums/.
This then allowed me to download the vbulletin md5 hash script they use to hash the forum members' passwords. I suppose that isn't too useful because of the fact that it is probably easily obtainable and if we get the hash we can crack it anyway..
I'm going to post a .php file (the member list from the forum), to see if it could possibly be exploited. I'm concealing the name for numerous reasons. I had to post it as a jpg cause uploadit.org is gay ;D.
How would I manipulate either the source code or the file grabber to my benefit? Would I be able to grab some.. 'helpful' files?
http://server2.uploadit.org/files/SaberGun-memberlis.jpg
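A defensive counterpart to the `file.php?loc=` behaviour described in the post, as an added example that is not part of the original post and not the site's code: a hypothetical `resolve_download()` that canonicalises the requested path, confines it to a download root, and serves only allowlisted extensions, so a script such as the forum's member list is never returned as source. The directory layout, file names and allowlist are constructed for illustration.

```php
<?php
// Added example: hypothetical hardened resolver for a ?loc= download parameter.
// All names and paths here are constructed for illustration.

function resolve_download(string $baseDir, string $loc, array $allowedExt): ?string
{
    if ($loc === '' || strpos($loc, "\0") !== false) {
        return null;                         // empty or NUL-containing input
    }
    $base = realpath($baseDir);
    $real = realpath($baseDir . DIRECTORY_SEPARATOR . $loc);
    if ($base === false || $real === false || !is_file($real)) {
        return null;                         // missing target or a directory
    }
    // Canonical path must stay under the download root (defeats ../ and symlinks).
    $prefix = $base . DIRECTORY_SEPARATOR;
    if (strncmp($real, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    // Allowlist of extensions: server-side scripts are never served as source.
    $ext = strtolower(pathinfo($real, PATHINFO_EXTENSION));
    return in_array($ext, $allowedExt, true) ? $real : null;
}

// Constructed sandbox: a download root next to a forum directory.
$root = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'loc_demo_' . uniqid();
mkdir($root . '/downloads', 0700, true);
mkdir($root . '/forums', 0700, true);
file_put_contents($root . '/downloads/readme.txt', 'public file');
file_put_contents($root . '/downloads/helper.php', '<?php // not for download');
file_put_contents($root . '/forums/memberlist.php', '<?php // forum source');

$requests = ['readme.txt', '../forums/memberlist.php', 'helper.php', 'missing.txt', '.'];
foreach ($requests as $loc) {
    $path = resolve_download($root . '/downloads', $loc, ['txt', 'jpg']);
    // Log every refusal: repeated rejects from one client are worth alerting on.
    printf("%-28s %s\n", $loc, $path === null ? 'REJECT' : 'SERVE ' . basename($path));
}
```

Only `readme.txt` is served; the other four requests are rejected before any file is opened, and the handler returns the same result for "forbidden" and "not found" so the response does not reveal which files exist.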