Previous Thread
Next Thread
Print Thread
Rate Thread
#18128 01/27/03 12:31 AM
Joined: Apr 2002
Posts: 212
Member
Member
Joined: Apr 2002
Posts: 212
I was bored tonight and i remember using invisionboards message board on my site before. Once of the exploits with it was the phpinfo.php file. All you had to do was go to that file and it would give someone just about anything they need. Me being my curious self just typed in "phpinfo.php" on google and up popped 14,000 files.

here is a good example of how open this leaves boards to. http://laughingsquid.com/phpinfo.php

gives paths, server info, and all the configuration settings. I didn't go any further (yet) with this but isn't that a little unsecure? I'm not that good with message board stuff, it just caught my eye.

Anybody got some info or feedback to go along with this? I'de be interested to see what some of you have to say about it.

Sponsored Links
▼ Sponsored Links ▼ ▲ Sponsored Links ▲
#18129 01/27/03 02:00 AM
Joined: Dec 2002
Posts: 3,255
Likes: 3
UGN Elite
UGN Elite
Joined: Dec 2002
Posts: 3,255
Likes: 3
that isn't message board stuff that is a simple php script

Code
<?
info();
?>

save as phpinfo.php or info.php or etc. etc. etc.
The person can just remove the script. they are stupid for leaving it yes, but it is easily fixable.

#18130 01/27/03 06:38 AM
Joined: Mar 2002
Posts: 1,273
DollarDNS Owner
DollarDNS Owner
Joined: Mar 2002
Posts: 1,273
if you had an exploit to get into the system, then yes, that script can give you a lot of useful information that may help in how you should use whatever exploit you have. But, that info in itself doesn't enable you to exploit them.


Domain Registration, Hosting, Management
http://www.dollardns.net
#18131 01/27/03 07:12 AM
Joined: Apr 2002
Posts: 212
Member
Member
Joined: Apr 2002
Posts: 212
*nods*

that's what I had figured out by the time I fell asleep last night. Just found it interesting.

#18132 01/27/03 10:44 AM
Joined: Mar 2002
Posts: 508
Likes: 1
UGN Super Poster
UGN Super Poster
Joined: Mar 2002
Posts: 508
Likes: 1
try posting in the right fourm next time.

Web Design
ASP, PHP, Python, Perl, CGI, SHTML, DHTML, Flash, XML, VML...


you would prolly get alot more answers

#18133 01/28/03 06:02 PM
Joined: Aug 2002
Posts: 68
S
Junior Member
Junior Member
S Offline
Joined: Aug 2002
Posts: 68
It does provide information about the server.

http://www.promodtecnologies.com/phpinfo.php

Just wait till gizzy sees this...

#18134 01/28/03 06:47 PM
Joined: Feb 2002
Posts: 7,203
Likes: 11
Community Owner
Community Owner
Joined: Feb 2002
Posts: 7,203
Likes: 11
who cares lol...


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
#18135 01/29/03 01:53 PM
Joined: Dec 2002
Posts: 3,255
Likes: 3
UGN Elite
UGN Elite
Joined: Dec 2002
Posts: 3,255
Likes: 3
.... I never created that. I of course made one to see what Xnull supported but called it test.php

#18136 01/29/03 07:39 PM
Joined: Feb 2002
Posts: 7,203
Likes: 11
Community Owner
Community Owner
Joined: Feb 2002
Posts: 7,203
Likes: 11
I did lol...


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
#18137 01/29/03 10:10 PM
Joined: Dec 2002
Posts: 3,255
Likes: 3
UGN Elite
UGN Elite
Joined: Dec 2002
Posts: 3,255
Likes: 3
HTTP_REFERER http://www.UnderGroundNews.com/cgi-bin/ubbcgi/ultimatebb.cgi?ubb=get_topic;f=14;t=000076


heh it supports Sybase. You should kill MySQL and get Sybase on that puppy.

#18138 01/31/03 08:33 PM
Joined: Aug 2002
Posts: 68
S
Junior Member
Junior Member
S Offline
Joined: Aug 2002
Posts: 68
Try searching google for 'phpmyadmin running on localhost'. Interesting results.

#18139 02/07/03 01:06 PM
Joined: Apr 2002
Posts: 212
Member
Member
Joined: Apr 2002
Posts: 212
that's even worse then the phpinfo.php i originally posted about.

oh well *shrug*

#18140 02/10/03 07:34 AM
Joined: Dec 2002
Posts: 3,255
Likes: 3
UGN Elite
UGN Elite
Joined: Dec 2002
Posts: 3,255
Likes: 3
Jesus
ftp.esrf.fr/pub/expg/spec/db_details_structure.html


Code
  phpMyAdmin MySQL-Dump
# version 2.3.2
# http://www.phpmyadmin.net/ (download page)
#
# Host: localhost
# Generation Time: Nov 05, 2002 at 10:16 AM
# Server version: 3.23.37
# PHP Version: 4.0.6
# Database : `BM`
# --------------------------------------------------------

#
# Table structure for table `CRYSTAL`
#

CREATE TABLE CRYSTAL (
  PROTEIN_NAME text,
  PROPOSID varchar(10) NOT NULL default 'XX-nnnn',
  CRYSTALID varchar(20) NOT NULL default '',
  SPACE_GROUP varchar(10) default NULL,
  CELL_DIM_A decimal(4,2) default '0.00',
  CELL_DIM_B decimal(4,2) default '0.00',
  CELL_DIM_C decimal(4,2) default '0.00',
  CELL_DIM_AL decimal(4,2) default '0.00',
  CELL_DIM_BE decimal(4,2) default '0.00',
  CELL_DIM_GA decimal(4,2) default '0.00',
  RES_PREV float(10,2) default '0.00',
  COMMENTS text,
  CRYSTAL_KEY smallint(6) NOT NULL auto_increment,
  KEY CRYSTAL_KEY (CRYSTAL_KEY),
  PRIMARY KEY  (CRYSTAL_KEY),
  KEY CRYSTALID (CRYSTALID)
) TYPE=ISAM PACK_KEYS=1;
# --------------------------------------------------------

#
# Table structure for table `DETECTORS`
#

CREATE TABLE DETECTORS (
  DETECTORID int(11) NOT NULL auto_increment,
  IMGTYPE varchar(50) default NULL,
  NHEAD int(11) NOT NULL default '0',
  LRECL int(11) NOT NULL default '0',
  NPIXELX int(11) NOT NULL default '0',
  NPIXELY int(11) NOT NULL default '0',
  IMGDRC varchar(50) default NULL,
  ENDED varchar(6) default NULL,
  YPXMAX double(16,4) NOT NULL default '0.0000',
  ZPXMAX double(16,4) NOT NULL default '0.0000',
  YBEAM double(16,4) NOT NULL default '0.0000',
  ZBEAM double(16,4) NOT NULL default '0.0000',
  YPXSIZ double(16,4) NOT NULL default '0.0000',
  ZPXSIZ double(16,4) NOT NULL default '0.0000',
  ROFF double(16,4) NOT NULL default '0.0000',
  TOFF double(16,4) NOT NULL default '0.0000',
  NUMBITS int(11) NOT NULL default '0',
  DESCRIPTION varchar(50) default NULL,
  SPDFIL varchar(255) default NULL,
  KEY DETECTORID (DETECTORID),
  KEY NUMBITS (NUMBITS),
  PRIMARY KEY  (DETECTORID)
) TYPE=ISAM PACK_KEYS=1;
# --------------------------------------------------------

#
# Table structure for table `DEWARE`
#

CREATE TABLE DEWARE (
  DEWARE_KEY smallint(6) NOT NULL auto_increment,
  SENT_ON date NOT NULL default '0000-00-00',
  COURIER_CO varchar(10) NOT NULL default '',
  SENDING_NB varchar(10) default NULL,
  PROPOSID varchar(10) NOT NULL default '',
  COMMENTS varchar(200) default NULL,
  SUB_STATUS enum('opened','closed') NOT NULL default 'opened',
  KEY DEWARE_KEY (DEWARE_KEY)
) TYPE=ISAM PACK_KEYS=1;
# --------------------------------------------------------

#
# Table structure for table `DICTIONARY`
#

CREATE TABLE DICTIONARY (
  PARAMID int(11) NOT NULL auto_increment,
  PARAMBRIEF varchar(50) default NULL,
  PARAMDESC varchar(255) default NULL,
  PARAMFORMAT varchar(50) default NULL,
  PARAMELEMENTS int(11) NOT NULL default '0',
  PARAMTYPE int(11) NOT NULL default '0',
  PARAMINST int(11) default NULL,
  KEY PARAMID (PARAMID),
  PRIMARY KEY  (PARAMID)
) TYPE=ISAM PACK_KEYS=1;
# --------------------------------------------------------

#
# Table structure for table `IMAGES`
#

CREATE TABLE IMAGES (
  IMAGEID int(11) NOT NULL auto_increment,
  RUNUNIQUEID int(11) NOT NULL default '0',
  TYPE int(11) NOT NULL default '0',
  FILENAME varchar(50) default NULL,
  LOCATION varchar(60) default NULL,
  KEY IMAGEID (IMAGEID),
  PRIMARY KEY  (IMAGEID),
  KEY RUNUNIQUEID (RUNUNIQUEID)
) TYPE=ISAM PACK_KEYS=1;
# --------------------------------------------------------

#
# Table structure for table `MAD`
#

CREATE TABLE MAD (
  MAD_ID int(11) NOT NULL auto_increment,
  RUNUNIQUEID int(11) NOT NULL default '0',
  ESCAN_FILE varchar(100) default NULL,
  KEY MAD_ID (MAD_ID),
  PRIMARY KEY  (MAD_ID)
) TYPE=ISAM PACK_KEYS=1;
# --------------------------------------------------------

#
# Table structure for table `PARAMETERTOIMAGE`
#

CREATE TABLE PARAMETERTOIMAGE (
  PARAMRUNID int(11) NOT NULL auto_increment,
  IMAGEID int(11) NOT NULL default '0',
  PARAMID int(11) NOT NULL default '0',
  PARAMVALUE float(10,2) NOT NULL default '0.00',
  PARAMTEXT varchar(50) default NULL,
  KEY IMAGEID (IMAGEID),
  KEY PARAMID (PARAMID),
  KEY PARAMRUNID (PARAMRUNID),
  PRIMARY KEY  (PARAMRUNID)
) TYPE=ISAM PACK_KEYS=1;
# --------------------------------------------------------

#
# Table structure for table `PARAMETERTORUN`
#

CREATE TABLE PARAMETERTORUN (
  PARAMRUNID int(11) NOT NULL auto_increment,
  RUNUNIQUEID int(11) NOT NULL default '0',
  PARAMID int(11) NOT NULL default '0',
  PARAMVALUE float(10,2) NOT NULL default '0.00',
  PARAMTEXT varchar(200) NOT NULL default 'None',
  KEY PARAMID (PARAMID),
  KEY PARAMRUNID (PARAMRUNID),
  PRIMARY KEY  (PARAMRUNID),
  KEY RUNUNIQUEID (RUNUNIQUEID)
) TYPE=ISAM PACK_KEYS=1;
# --------------------------------------------------------

#
# Table structure for table `RUNS`
#

CREATE TABLE RUNS (
  RUNUNIQUEID int(11) NOT NULL auto_increment,
  SESSIONNO int(11) NOT NULL default '0',
  RUNIDENTIFIER int(11) NOT NULL default '0',
  RUNSTART datetime default NULL,
  RUNEND datetime default NULL,
  RUNSTATUS int(11) NOT NULL default '0',
  TYPEID int(11) default NULL,
  PRIMARY KEY  (RUNUNIQUEID),
  KEY RUNUNIQUEID (RUNUNIQUEID),
  KEY SESSIONNO (SESSIONNO)
) TYPE=ISAM PACK_KEYS=1;
# --------------------------------------------------------

#
# Table structure for table `RUNTYPES`
#

CREATE TABLE RUNTYPES (
  TYPEID int(11) NOT NULL auto_increment,
  RUNTYPE varchar(50) default NULL,
  RUNDESCRIPTION varchar(50) default NULL,
  PRODC int(11) default NULL,
  PRIMARY KEY  (TYPEID),
  KEY TYPEID (TYPEID)
) TYPE=ISAM PACK_KEYS=1;
# --------------------------------------------------------

#
# Table structure for table `SAMPLE`
#

CREATE TABLE SAMPLE (
  SAMPLE_KEY int(11) NOT NULL auto_increment,
  DEWARE_KEY int(11) NOT NULL default '0',
  CRYSTAL_KEY int(11) NOT NULL default '0',
  SUFFIX varchar(20) NOT NULL default '',
  DATA_SET enum('native','ligand','mutant','MAD','SAD','MIR') NOT NULL default 'native',
  CRYSTAL_SIZE varchar(20) default NULL,
  RSYM float(10,2) default NULL,
  STRUC_STATUS enum('Completed','Under refinement','Solved','Initial measurements','More phasing needed','Poor data') NOT NULL default 'Initial measurements',
  PUBLI_STATUS enum('Not applicable','In preparation','Submitted','In press','Published') NOT NULL default 'Not applicable',
  BAG_COMMENT varchar(200) default NULL,
  CANE char(3) NOT NULL default '',
  POSITION char(1) NOT NULL default '',
  RESO_REQ float(10,2) default NULL,
  REMARKS varchar(80) default NULL,
  SENT_ON date default NULL,
  RECEPT_DATE date default NULL,
  SAF_FORM enum('yes','no') NOT NULL default 'no',
  STORAGE tinyint(4) default NULL,
  EXP_STATUS varchar(10) default NULL,
  PRIMARY KEY  (SAMPLE_KEY)
) TYPE=ISAM PACK_KEYS=1;
# --------------------------------------------------------

#
# Table structure for table `SESSION`
#

CREATE TABLE SESSION (
  SESSIONNO int(11) NOT NULL auto_increment,
  SE_PL_NO int(11) NOT NULL default '0',
  EXP_OPERATOR varchar(20) default NULL,
  NO_PERF_SHIFTS float(10,2) NOT NULL default '0.00',
  COMMENT varchar(255) default NULL,
  USER_NO int(11) NOT NULL default '0',
  BLOM_COMMENT varchar(200) default NULL,
  LC_COMMENT varchar(200) default NULL,
  KEY SE_PL_NO (SE_PL_NO),
  PRIMARY KEY  (SESSIONNO),
  KEY SESSIONNO (SESSIONNO),
  KEY USER_NO (USER_NO)
) TYPE=ISAM PACK_KEYS=1;
# --------------------------------------------------------

#
# Table structure for table `USER`
#

CREATE TABLE USER (
  USER_NO int(11) NOT NULL auto_increment,
  SE_PL_NO int(11) NOT NULL default '0',
  PROPOS_NO int(11) NOT NULL default '0',
  PROPOS_CATEG_CODE varchar(6) NOT NULL default '',
  PROPOS_CATEG_CPT int(11) NOT NULL default '0',
  SURNAME varchar(45) NOT NULL default '',
  LABO_NAME varchar(45) NOT NULL default '',
  LABO_PAYS_CODE varchar(4) default NULL,
  PROPOS_TIT varchar(180) default NULL,
  LOCAL_CONTACT varchar(45) NOT NULL default '',
  DATE_DEB datetime default NULL,
  DATE_FIN datetime default NULL,
  NO_SHIFTS smallint(6) default NULL,
  INSTR_NOM varchar(16) default NULL,
  SCHEDULED tinyint(4) default '1',
  REG_PXWEB tinyint(4) NOT NULL default '0',
  KEY PROPOS_NO (PROPOS_NO),
  KEY SESSION_NO (SE_PL_NO),
  PRIMARY KEY  (USER_NO),
  KEY USER_NO (USER_NO)
) TYPE=ISAM PACK_KEYS=1;

     
Not that this would allow you to hack them right off, but you could get variable info and alter the URL to gain access or even edit thier database. That is sad.


Link Copied to Clipboard
Member Spotlight
None yet
Forum Statistics
Forums41
Topics33,840
Posts68,858
Members2,176
Most Online3,253
Jan 13th, 2020
Latest Postings
Top Posters
UGN Security 41,392
Gremelin 7,203
§intå× 3,255
SilentRage 1,273
Ice 1,146
pergesu 1,136
Infinite 1,041
jonconley 955
Girlie 908
unreal 860
Top Likes Received
Ghost 2
Dartur 1
Cyrez 1
Girlie 1
unreal 1
Powered by UBB.threads™ PHP Forum Software 8.0.0