We are closing registration and public forum view to Paid & Private in 16 days! CLICK HERE to register FREE.
 
Create an account  

For users privacy, our last domains: CarderHack.com and OmertaHack.net are moved to CardingTeam.ws

Deposit & Withdraw | About Verified Sellers and Escrow | Advertise | Scam Report | Tracking Number Details | ICQ: 717039384

carding forums carding forums
carding forums carding forums
carding forums Paid adv expire in 48 days
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
 
[Tutorial] Source Code Disclosure [/Tutorial]

#1
What is Source Code Disclosure?

This is a kind of exploits that is very easy & tricky .... That you actually exploit the PDF downloading system to download such other suspec. files from the web server!

This is a google dork that can be used to capture such Vulnerabilities

Code:
allinurl:download.php?f=


Alright so here is the requirements :
1-Old exp. in PHP ( not very important )
2-Old exp. in SQL commands.. ( very important )

Okay here we go ,
Lets say we found a URL tat allows PDF downloading ..

https://www.target.co...?f=somefile.pdf


We will ignore the popup downloading box And start playing abit with the URL so we can find the Suspec. PHP files ...!

https://www.target.co...?f=download.php

Now lets notice if theres a downloading popup , If there is then you are lucky to find the PHP file on the first Directory...! If not Then keep searching in the directories like this

https://www.target.co...../download.php

https://www.target.co...../download.php

https://www.target.co...../download.php


Alright After we download this PHP file we are going to check codes in it .. In my case i found

Code:
include('dvcms/rt8105fconfig/config.inc.php');


Okay lets keep going ... Now as you see the download.php file has a config file but thats not the config file we want , We want one that is actually attached to the sql database of them ... Like some login boxes etc..

Lets say we found an admin page login

https://www.target.com/admin.php

Okay now you need a FF Add-on called FireBug , Once you install it and restart your FF

Go to the admin login page and right click and click on Inspect Element
Then click on HTML Then start looking for some thing familiar to this

Code:
<form method="POST" action=Some Directory here/>


Now this is the config file we want to download to fetch the sql informations!

In my Case

https://www.target.co...gin/process.php


After downloading this file Open it to view the source code! Now you will be able to view the sql connection information , Most of you will actually give up by seeing localhost , Well theres still a chance to connect

Open up cmd.exe and type

Code:
mysql -h SITEIP -u USERNAME -p

Now you are connected Theres alot of ways to get your PHP shell script up !
Reply
Paid adv. expire in 31 days
CLICK to buy Advertisement !

    Verified & Trusted WesternUnion / MoneyGram / Bank - Transferring -WorldWide [ MTCN in 3 hours ]




Forum Jump: