Task 3

Previous page
Table of content
Next page

The system is located in the /LOCALHOST/ZADACHI/3/ folder on the CD-ROM. It is available at http://localhost/zadacri/3/index.php if the HTTP server is installed.

It displays the current date and time. The . /etc/ directory that contains system configuration files is inaccessible. The system works in one of three modes.

  • Goal 1. Clear up how the system settings are switched.

  • Goal 2. Find an error in how the mode parameters are interpreted. Then find another error that discloses the contents of some included files.

  • Goal 3. Examine the code of the included files and find an error that causes the global PHP source code injection vulnerability.

  • Goal 4. Exploit this vulnerability to obtain the contents of the /ETC/MAIN.CFG file.

After you obtain the contents of this file, the task will be considered solved .


Previous page
Table of content
Next page
Hacker Web Exploition Uncovered
Hacker Web Exploition Uncovered
ISBN: 1931769494
EAN: N/A
Year: 2005
Pages: 77
BUY ON AMAZON
Certified Ethical Hacker Exam Prep
High-Speed Signal Propagation[c] Advanced Black Magic
Oracle Developer Forms Techniques
The New Solution Selling: The Revolutionary Sales Process That Is Changing the Way People Sell [NEW SOLUTION SELLING 2/E]
Special Edition Using Crystal Reports 10
User Interfaces in C#: Windows Forms and Custom Controls
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy