Posted to rivet-dev@tcl.apache.org by bu...@apache.org on 2014/12/08 09:36:18 UTC
[Bug 57325] New: Server Side Includes SSI Injection
https://issues.apache.org/bugzilla/show_bug.cgi?id=57325
Bug ID: 57325
Summary: Server Side Includes SSI Injection
Product: Rivet
Version: unspecified
Hardware: PC
OS: Linux
Status: NEW
Severity: normal
Priority: P2
Component: Rivet Core Commands
Assignee: rivet-dev@tcl.apache.org
Reporter: is4curity@gmail.com
CC: mxmanghi@apache.org
Server Side Includes SSI Injection commands and read file on server
Description in attachment with photo
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: rivet-dev-unsubscribe@tcl.apache.org
For additional commands, e-mail: rivet-dev-help@tcl.apache.org
[Bug 57325] Server Side Includes SSI Injection
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=57325
--- Comment #2 from Mahmoud El Manzalawy <is...@gmail.com> ---
Hello guys, Mahmoud on mic :)
Server Side Includes ~ SSI ~ Injection
First, the web server/host must support "Server Side Includes".
http://httpd.apache.org/docs/current/mod/mod_include.html
The bug is from the input check in this code
http://im76.gulfup.com/HxiDCr.png
When you open the ssii file
and write a first name and last name, it will redirect to SHTML. ssi and print my
first name and IP
http://im76.gulfup.com/8wIXzh.png
http://im76.gulfup.com/PcyQrj.png
OK, let me change the first name and last name to a command with Burp Suite
http://im76.gulfup.com/z4IoDu.png
and use this command
<!--#exec cmd="cat /etc/passwd" -->
<!--#echo var="DOCUMENT_NAME" -->
http://im76.gulfup.com/N0ec8K.png
Result: bypass security and read etc/passwd
http://im76.gulfup.com/3rBVGT.png
Sorry about my bad English, hope you guys can understand :-) :D
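Added example, not part of the original thread and not Rivet's code: comment #2 describes form fields being written unchecked into a page that mod_include parses, and the Python below shows one way to validate and HTML-encode such fields so no `<!--#` directive can reach the parsed page. The function names, the name allow-list and the sample inputs are assumptions made for illustration.

```python
import html
import re

# Start of an SSI directive as mod_include documents it: <!--#element ...
SSI_DIRECTIVE = re.compile(r"<!--#\s*(\w+)")
# Assumed allow-list for a name field: letters, space, dot, apostrophe, hyphen.
NAME_OK = re.compile(r"(?:[^\W\d_]|[ .'\-]){1,64}")


def find_ssi_directives(value):
    """Return the element names of any SSI directives inside value."""
    return [m.group(1).lower() for m in SSI_DIRECTIVE.finditer(value)]


def encode_for_shtml(value):
    """HTML-encode value so it cannot open a directive in a parsed page."""
    return html.escape(value, quote=True)


def build_page_fragment(first, last):
    """Return (accepted, text); rejected input is reported, never written."""
    for field in (first, last):
        if not NAME_OK.fullmatch(field):
            found = find_ssi_directives(field)
            reason = f"SSI directive(s) {found}" if found else "invalid characters"
            return False, f"rejected: {reason}"
    # Encode even validated input: validation rules drift, encoding is the backstop.
    return True, f"<p>Hello {encode_for_shtml(first)} {encode_for_shtml(last)}</p>"


if __name__ == "__main__":
    # Constructed inputs; the directive is the echo one quoted in the report.
    samples = [
        ("Alice", "Smith-Jones"),
        ("Sean", "O'Brien"),
        ('<!--#echo var="DOCUMENT_NAME" -->', "x"),
    ]
    for first, last in samples:
        print(build_page_fragment(first, last))
```

Independently of input handling, Apache's `Options IncludesNOEXEC` permits includes while disabling `#exec cmd` and `#exec cgi`.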
[Bug 57325] Server Side Includes SSI Injection
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=57325
Massimo Manghi <mx...@apache.org> changed:
      What|Removed                     |Added
----------------------------------------------------------------------------
    Status|NEW                         |RESOLVED
Resolution|---                         |WONTFIX
--- Comment #1 from Massimo Manghi <mx...@apache.org> ---
Bug notification unexplained and therefore invalid