What is Source Code Disclosure?
This is a kind of exploit that is very easy & tricky... You actually exploit the PDF downloading system to download other suspec. files from the web server!
This is a Google dork that can be used to capture such vulnerabilities
Alright, so here are the requirements:
1- Old exp. in PHP (not very important)
2- Old exp. in SQL commands (very important)
Okay, here we go.
Let's say we found a URL that allows PDF downloading:
http://www.target.co...?f=somefile.pdf
We will ignore the download popup box and start playing a bit with the URL so we can find the suspec. PHP files!
http://www.target.co...?f=download.php
Now let's notice if there's a download popup. If there is, then you are lucky to find the PHP file in the first directory! If not, then keep searching in the directories like this:
http://www.target.co...../download.php
http://www.target.co...../download.php
http://www.target.co...../download.php
Alright, after we download this PHP file we are going to check the code in it. In my case I found
Okay, let's keep going. Now as you see, the download.php file has a config file, but that's not the config file we want. We want one that is actually attached to their SQL database, like some login boxes etc.
Let's say we found an admin login page.
Okay, now you need a FF add-on called FireBug. Once you install it and restart your FF,
go to the admin login page, right click and click on Inspect Element.
Then click on HTML, then start looking for something similar to this
Now this is the config file we want to download to fetch the SQL information!
In my case:
http://www.target.co...gin/process.php
After downloading this file, open it to view the source code! Now you will be able to view the SQL connection information. Most of you will actually give up on seeing localhost. Well, there's still a chance to connect.
Open up cmd.exe and type
Now you are connected. There's a lot of ways to get your PHP shell script up!
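For defenders, requests of the kind described in this post leave a clear trace in web access logs: the download parameter names something other than a PDF, or carries directory components. The following is an added example, not part of the original post; it assumes a combined-format access log, a download parameter named `f` as in the URLs above, and a site that should only ever serve `.pdf` files through that endpoint. The log lines, paths and addresses are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Assumption: only PDFs are legitimately served by the download endpoint.
ALLOWED_EXT = {".pdf"}
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\d+|-)')

def classify_value(value):
    """Return the reasons a requested file name looks like a disclosure attempt."""
    reasons = []
    # A legitimate request names a bare file, never a directory path.
    if ".." in value or "/" in value or "\\" in value:
        reasons.append("path-characters")
    name = re.split(r"[/\\]", value)[-1]
    ext = "." + name.rsplit(".", 1)[-1].lower() if "." in name else ""
    if ext not in ALLOWED_EXT:
        reasons.append("unexpected-extension")
    return reasons

def scan(lines, param="f"):
    """Flag log lines whose download parameter asks for a non-PDF or a path."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        query = urlsplit(m["target"]).query
        # parse_qs URL-decodes the value, so %2F shows up as "/".
        for value in parse_qs(query, keep_blank_values=True).get(param, []):
            reasons = classify_value(value)
            if reasons:
                # 200 with a body means the file was probably handed out.
                served = m["status"] == "200" and m["size"] not in ("-", "0")
                findings.append({"ip": m["ip"], "value": value,
                                 "reasons": reasons, "served": served})
    return findings

# Constructed sample log lines (documentation IP ranges, hypothetical paths).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /download.php?f=report.pdf HTTP/1.1" 200 48211',
    '198.51.100.7 - - [01/Jan/2024:10:02:11 +0000] "GET /download.php?f=download.php HTTP/1.1" 200 912',
    '198.51.100.7 - - [01/Jan/2024:10:02:40 +0000] "GET /download.php?f=..%2F..%2Fconfig.php HTTP/1.1" 200 1530',
    '198.51.100.7 - - [01/Jan/2024:10:03:02 +0000] "GET /download.php?f=..%2Fsettings.php HTTP/1.1" 404 196',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

Findings with `served` set are the ones to triage first, since any credentials in a file that was handed out should be treated as exposed and rotated.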