Quote:
Originally Posted by FapMax
This Website "Error" is totally worth it you are WRONG. You can't inject anything there.
The Source looks like this :
PHP Code:
require('lang.' . $_GET['lang'] . '.php');
Your Injection Point :
PHP Code:
require('lang.INJECTION.php');
You can't paste any Code in there. There is no way to Request other Files except the Files on their own FTP called "lang." at the start.
I found this before but it does not give any vulnerable point, that's why I didn't post it, anyway good work for the Start.
You are wrong, this hole isn't abusable because of the parameters existing server side. It would be possible to execute a shell on the web server if it allowed traversal, but it does not (like I explained to you in the first post). This is to teach you how to set up server software properly (i.e. PHP) so you don't end up hacked with a similar hole. Also your injection point is wrong.
Code:
require(_cache/lang.<injection point>%00);
Also the server side code most likely looks like this.
Code:
require($_GET['cache'] . $_GET['lang'] . '.php');
If you have any more questions feel free to ask. If you would like help securing your website/server feel free to PM me, and we will negotiate.
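
An added example, not code from either poster or from the site under discussion: a hardened form of the `require('lang.' . $_GET['lang'] . '.php')` pattern quoted in the thread, where the request value only selects from a fixed allow-list and never becomes part of the path. The language codes, the function name and the temporary demo directory are assumptions for illustration; it needs PHP 8.

```php
<?php
declare(strict_types=1);

// Hypothetical allow-list of supported language codes (assumption, not from the thread).
const ALLOWED_LANGS = ['en', 'de', 'fr'];

// Map a request parameter to a language file; the raw value never reaches require().
function resolve_lang_file(mixed $lang, string $baseDir, string $default = 'en'): string
{
    // Arrays (?lang[]=x), NUL bytes, slashes and dots all fail the strict match.
    if (!is_string($lang) || !in_array($lang, ALLOWED_LANGS, true)) {
        $lang = $default;
    }
    $base = realpath($baseDir);
    if ($base === false) throw new RuntimeException('language directory missing');
    $path = realpath($base . DIRECTORY_SEPARATOR . 'lang.' . $lang . '.php');
    // Defence in depth: the resolved file must exist and sit inside $baseDir.
    if ($path === false || !str_starts_with($path, $base . DIRECTORY_SEPARATOR)) {
        throw new RuntimeException('language file missing');
    }
    return $path;
}

// Constructed demo: two language files in a temporary directory.
$dir = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'lang_demo_' . bin2hex(random_bytes(4));
mkdir($dir);
foreach (['en' => 'Hello', 'de' => 'Hallo'] as $code => $greeting) {
    file_put_contents("$dir/lang.$code.php", "<?php return ['greeting' => '$greeting'];");
}

// Constructed request values: valid, traversal-shaped, NUL-terminated, array, allowed-but-missing.
$inputs = ['de', '../../etc/passwd', "en\0", ['en'], 'fr'];
foreach ($inputs as $input) {
    try {
        $strings = require resolve_lang_file($input, $dir);
        echo json_encode($input), ' -> ', $strings['greeting'], PHP_EOL;
    } catch (RuntimeException $e) {
        echo json_encode($input), ' -> rejected: ', $e->getMessage(), PHP_EOL;
    }
}
array_map('unlink', glob("$dir/*"));
rmdir($dir);
```

Values outside the allow-list fall back to the default language rather than being sanitised and reused, so there is no filter to bypass; an allowed code with no file on disk raises an error instead of including something else.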