I had a site get hacked one time where they put a file such as r0hr.php or something in the directory (my fault I admit for leaving it world-writable in my Joomla site). When one goes to that php page, you could see all the files, directories, etc. It behaved like a file manager. Due to the fact we had deleted all those files from the server, I did not at the time save that php script.
Now I'm working on a server running in a Virtual PC and would love to know how they did that so I can find ways to lock down directories and yet still be able to have only the proper script write to it.
Suppose I have this:
data_dir (chmod 0770)
|
mydomain_dir (chmod 0755)
|
myscript.php (owner+group read+execute)
another_dir (chmod 0777)
And I have the user/group for the data_dir the same as for the script. I can write to it, right? But if someone say, dropped a file in 'another_dir' (which is world writeable), would they be able to see the data_dir? I would think not if the script dropped was saved using user/group that apache uses and data_dir as the user/group that the script uses. Of course, I do not actually plan to have any chmod 0777 directories on the production server. But I did want to investigate this a bit more.
Does anyone know how to use php to browse directories and files? Even links to more information would be appreciated.
How do they see all your files and directories?
Moderator: General Moderators
-
FuzzieDice
- Forum Newbie
- Posts: 4
- Joined: Wed Sep 19, 2007 3:04 pm
If the script is run by apache, it runs as apache's user/group, regardless of who owns the actual file itself.
As far as reading directories goes, you'd want to recursively do this:
As far as reading directories goes, you'd want to recursively do this:
Code: Select all
$dir=opendir($dirname);
while (($file=readdir($dir))!==false)
{
echo "$dirname/$file<br />\n";
}
closedir($dir);