28 questions
1
vote
0
answers
22
views
Synchronizing a local file with a remote web host
I have a pdf that I want to fetch whenever my computer is connected to the internet such that any time there is a new version uploaded, I replace the local copy on my device. How can I accomplish this ...
- 11
0
votes
0
answers
2k
views
AWS WAF rule AWSManagedRulesCommonRuleSet does not seem to work properly
I'm currently trying to setup a Cloudfront distribution with a web ACL (WAF). I enabled the AWS managed rule called AWSManagedRulesCommonRuleSet (documentation to this rule can be found here: https://...
- 61
1
vote
0
answers
587
views
Preventing Directory Traversal in php get page script
I am trying to implement a secure php get page function afer my website got hacked with LFI, RFI and DTA (I got the whole package LOL).
Browsing the web I found this script which seems to work fine in ...
- 11
0
votes
1
answer
265
views
Cross-Site Scripting vulnerability in C
Hope your doing well.
Can somebody help me to resolve this. Cross-Site Scripting in C.
This is occurring in my C file.
Here am proving the URL like, how they are getting the info.
http://rs152.mt.att....
- 21
0
votes
1
answer
2k
views
python http.server module not working over port 80 in Remote File Inclusion exercise
I am doing a pentesting challenge and I am working on one machine that requires gaining access through a Remote File Inclusion vulnerability. In the past I was able to get a webshell by including a ...
- 47
-1
votes
1
answer
908
views
RFI not working properly, how to open a shell?
When i am trying to backdoor a web page given to me to find a specific file, upon requesting a shell i am given the following warnings on the page, and no other information is given. Should a shell ...
- 43
2
votes
1
answer
2k
views
Is Django framework vulnerable to local file inclusion(LFI) and remote file inclusion(RFI)?
Like in php, include() method and allow_url_include can be vulnerable to LFI and RFI.
Does django's include is vulnerable to lfi and RFI?
- 31
-1
votes
1
answer
457
views
BASH syntax error nc -vvv 192.168.190.130 80 GET /<?php system($_GET['cmd']);?> bash: syntax error near unexpected token `('
This is request I am generating for practicing LFI.
nc -vvv 192.168.190.130 80 GET /<?php system($_GET['cmd']);?>
This is the error I am getting:
bash: syntax error near unexpected token `(...
- 53
0
votes
1
answer
262
views
chef template/statements with remote_file
I'm trying to create a chef script which downloads a file & pass the content of the downloaded file to template variables using IO.read(downloaded File), which internally download multiple files. ...
- 138
2
votes
1
answer
4k
views
Javascript: How to read data from remote js file?
I have a javascript file from remote server and it contains a variable which has data which I want to access.
Js file:
http://static.www.xxx.com/mydata/uXKojYEd9WXFpAasite/v4_3/3/d/itemjs
Js file ...
- 378
0
votes
2
answers
846
views
IBM AppScan Security PathTraversal issue in File.Copy method in VB.Net
I ran IBM AppScan tool on a VB.Net source.I am getting one security issue in File.Copy method under Path Traversal category.
Issue Detail -
Vulnerability Type - PathTraversal
This API accepts a ...
- 1
0
votes
0
answers
182
views
Celery remote worker accessing file
I have a function which should take an executable file as argument, execute it and return the result. This function should be run asynchronously so I'm using celery. I want to use multiple computers ...
- 98
0
votes
1
answer
147
views
including remote files in c#
I have c# file with all contents contained in a namespace LinkedList saved with the name linkedlist.cs . This file doesn't have a main() method. I want to include the content of that file or that ...
- 371
5
votes
2
answers
1k
views
Mounting a remote file system (sshfs) through an intermediate machine
The situation:
I am working from machine1, where I have root access. From machine1 I can access machine2 (where I am a user with no privileges) through ssh.
machine3 (also user with no privileges) is ...
- 7,627
1
vote
1
answer
101
views
MVC framework error in second level directory
i am building an mvc framework to manage my projects i have my htaccess file configured as this
RewriteEngine On
RewriteBase /mymvc/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{...
1
vote
0
answers
527
views
ColdFusion 9 and Remote File Inclusion
My site has just been hacked and I suspect that it was a remote file inclusion attack. These are my server specs:
Windows Server 2008 R2 running ColdFusion 9 (9.0.1.274733) and IIS 7.5
This is the ...
- 113
0
votes
3
answers
7k
views
Opening remote file using PHP
I have a PHP page where i want to open a file on a remote machine and read its contents. I have to specify the remote machine's IP address. How can this be done in PHP ?
- 3,320
1
vote
1
answer
5k
views
reading a file from remote host using perl
I am trying to read a file(temp.txt) placed under /root directory on remote host(ubuntu) in same LAN from ubuntu machine.(ssh and ftp are open)
The perl script is able to connect and a OpenSSH dialog ...
- 141
2
votes
6
answers
3k
views
Use php to read the source of a php file
I'm attempting to use php to read the source of a separate php file. I'm attempting to use file_get_contents in the following manner
file_get_contents('http://www.example.com/someFile.php');
...
- 12.5k
3
votes
2
answers
3k
views
Can't include file on remote server
My problem is that I can't include a file on a remote server.
<?php
echo "Including\n";
require_once("http://xx.xxx.xxx.xx:8080/path/to/myfile.inc");
echo "Done..\n";
?>
The script fails ...
- 113
2
votes
1
answer
1k
views
Remote File Inclusion via Another Server?
My server (mediaquarter.at) is currently being DDoSed by requests like this (with some minor variations): hXXp://www.mediaquarter.at/http://www.madeineurope.org.uk/media/functions/timthumb/timthumb....
- 10.8k
1
vote
2
answers
382
views
jquery: is there a way to read all files from the host directory?
im just brainstorming an interface that dynamically generates a page based on files located in page's directory. I'm wondering if jquery can do this? For instance, a page just displays information ...
- 12.1k
1
vote
1
answer
148
views
Routing a download through server; PHP settings
I'm trying to download a video source file from our video host, Ooyala, but the filename for these files is long, not descriptive, and has no extension. Since these files will be downloaded by many ...
- 958
0
votes
3
answers
590
views
Check referrer?
I am having a problem. I have this code:
$theUrl = $_GET["url"];
include("$theUrl.php");
This gets the url, for example: http://mywebsite.com/index.php?url=test
But what if someone puts in:
http:/...
- 1
4
votes
1
answer
6k
views
PHP eval(gzinflate(base64_decode(..))) hack - how to prevent it from occurring again?
We recently had a website hacked, where some PHP code was injected into the index.php file that looked something like:
eval (gzinflate(base64_decode('s127ezsS/...bA236UA1')));
The code was causing ...
- 2,790
1
vote
1
answer
729
views
cck remote file (image) field - I want to keep the cached copy of the image when the node is deleted
I use the Remote File module for a cck field displaying a remote image. It works with a known issue: images are reloaded on every edit http://drupal.org/node/395256
And as i do tests with lots of ...
- 3,158
2
votes
1
answer
3k
views
How to Open a Remote Text File using Server.MapPath in ASP.Net?
This is what I have right now for a file residing on the same server and it works.
Dim FILENAME as String = Server.MapPath("Output.txt")
Dim objStreamWriter as StreamWriter
objStreamWriter = File....
- 7,961
1
vote
1
answer
513
views
Would this redirect script open me up for code injection or remote file inclusion?
Recently I ran across a blog article about using PHP scripts to redirect affiliate links. It got me thinking whether this script was safe or not. I've heard that using the $_GET variable can lead to ...
- 16k