Task 2

The system is located in the /LOCALHOST/ZADACHI/2/ folder on the CD-ROM. It is available at http://localhost/zadachi/1/index.php if the HTTP server is installed.

The system is similar to the previous one, but it uses another algorithm to check passwords. As with the previous system, you cannot access files.

You have the link to one of the uploaded files:

http://localhost/zadachi/2/upload.php?f=1.txt

  • Goal 1. Find a vulnerability that would allow you to read any files. Use this vulnerability to examine the INDEX.PHP file and work out how the password check can be circumvented, or find a valid password. Then upload any file to the server.

  • Goal 2. Find a vulnerability in the processing of uploaded files and bypass the ./upload/ directory to upload your file into the system root (http://localhost/zadachi/2/) rather than into this folder. Upload PHP shell code into this location.



Hacker Web Exploitation Uncovered
ISBN: 1931769494
EAN: N/A
Year: 2005
Pages: 77
