How do they see all your files and directories?
Posted: Thu Sep 20, 2007 9:10 pm
I had a site get hacked one time where they put a file such as r0hr.php or something in the directory (my fault, I admit, for leaving it world-writable in my Joomla site). When one went to that PHP page, you could see all the files, directories, etc. It behaved like a file manager. Due to the fact that we had deleted all those files from the server, I did not at the time save that PHP script.
Now I'm working on a server running in a Virtual PC and would love to know how they did that so I can find ways to lock down directories and yet still be able to have only the proper script write to it.
Suppose I have this:
data_dir (chmod 0770)
  |
  mydomain_dir (chmod 0755)
    |
    myscript.php (owner+group read+execute)
    another_dir (chmod 0777)
And I have the user/group for the data_dir the same as for the script. I can write to it, right? But if someone, say, dropped a file in 'another_dir' (which is world-writable), would they be able to see the data_dir? I would think not if the script dropped was saved using the user/group that Apache uses and data_dir has the user/group that the script uses. Of course, I do not actually plan to have any chmod 0777 directories on the production server. But I did want to investigate this a bit more.
Does anyone know how to use PHP to browse directories and files? Even links to more information would be appreciated.
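Added example, not code from the original post: a PHP script that walks a directory tree the way the dropped "file manager" did (RecursiveDirectoryIterator plus lstat) and, for every entry, reports mode, owner/group and whether the uid this PHP process runs as can read or write it. The point it demonstrates is the one the question turns on: under mod_php, myscript.php and a file dropped into another_dir both execute as the web server's uid, so the kernel cannot tell "the proper script" from the attacker's, and a 0770 data_dir owned by that uid is fully readable and writable by both. The demo layout it builds in a temp directory (data_dir/mydomain_dir/myscript.php, another_dir, secret.txt, r0hr.php) is a constructed assumption mirroring the post's tree; pass a real path as the first CLI argument to audit an actual site instead.

```php
<?php
declare(strict_types=1);
// Added example (not from the original post). Lists a directory tree the way a
// dropped "file manager" script does and reports, per entry, the mode,
// owner/group and whether the uid this process runs as can read/write it.
// Under mod_php every script on the vhost, yours or an attacker's, runs as the
// web server's uid, so the r/w answers are identical for both. The demo tree
// built by buildDemoTree() is an assumption that mirrors the post's layout.

function describeEntry(string $path): array
{
    $st = lstat($path);                     // lstat: report symlinks themselves
    if ($st === false) {
        return ['path' => $path, 'error' => 'lstat failed'];
    }
    $pw = function_exists('posix_getpwuid') ? posix_getpwuid($st['uid']) : false;
    $gr = function_exists('posix_getgrgid') ? posix_getgrgid($st['gid']) : false;
    return [
        'path'           => $path,
        'type'           => is_link($path) ? 'link' : (is_dir($path) ? 'dir' : 'file'),
        'mode'           => sprintf('%04o', $st['mode'] & 07777),
        'owner'          => $pw !== false ? $pw['name'] : (string) $st['uid'],
        'group'          => $gr !== false ? $gr['name'] : (string) $st['gid'],
        'world_writable' => ($st['mode'] & 0002) !== 0,
        'can_read'       => is_readable($path),  // evaluated as this process's uid
        'can_write'      => is_writable($path),
    ];
}

function walkTree(string $root): array
{
    $rows = [describeEntry($root)];
    if (!is_dir($root) || !is_readable($root)) {
        return $rows;                       // no r/x on the dir for this uid: cannot list it
    }
    $it = new RecursiveIteratorIterator(
        new RecursiveDirectoryIterator($root, FilesystemIterator::SKIP_DOTS),
        RecursiveIteratorIterator::SELF_FIRST,
        RecursiveIteratorIterator::CATCH_GET_CHILD  // skip subdirs we cannot open
    );
    foreach ($it as $entry) {
        $rows[] = describeEntry($entry->getPathname());
    }
    return $rows;
}

function worldWritableDirs(array $rows): array
{
    return array_values(array_filter($rows, fn ($r) =>
        ($r['type'] ?? '') === 'dir' && !empty($r['world_writable'])));
}

// Constructed demo layout (assumption): data_dir 0770 > mydomain_dir 0755 >
// {myscript.php 0550, another_dir 0777}. chmod after mkdir because mkdir's
// mode argument is masked by the umask.
function buildDemoTree(): string
{
    $base = sys_get_temp_dir() . '/permdemo_' . bin2hex(random_bytes(4));
    $dirs = [
        ''                                   => 0755,
        '/data_dir'                          => 0770,
        '/data_dir/mydomain_dir'             => 0755,
        '/data_dir/mydomain_dir/another_dir' => 0777,
    ];
    foreach ($dirs as $rel => $mode) {
        mkdir($base . $rel);
        chmod($base . $rel, $mode);
    }
    file_put_contents($base . '/data_dir/secret.txt', "private data\n");
    file_put_contents($base . '/data_dir/mydomain_dir/myscript.php', "<?php // site script\n");
    chmod($base . '/data_dir/mydomain_dir/myscript.php', 0550);
    // the "dropped" file: same uid as myscript.php once Apache executes it
    file_put_contents($base . '/data_dir/mydomain_dir/another_dir/r0hr.php', "<?php // dropped\n");
    return $base . '/data_dir';
}

if (PHP_SAPI === 'cli') {
    $root = $argv[1] ?? buildDemoTree();
    printf("running as uid %d\n", function_exists('posix_geteuid') ? posix_geteuid() : -1);
    $fmt = "%-5s %-4s %-10s %-10s %-3s %-3s %s\n";
    printf($fmt, 'mode', 'type', 'owner', 'group', 'r', 'w', 'path');
    $rows = walkTree($root);
    foreach ($rows as $r) {
        if (isset($r['error'])) {
            printf("?? %s: %s\n", $r['path'], $r['error']);
            continue;
        }
        printf($fmt, $r['mode'], $r['type'], $r['owner'], $r['group'],
               $r['can_read'] ? 'yes' : 'no', $r['can_write'] ? 'yes' : 'no', $r['path']);
    }
    foreach (worldWritableDirs($rows) as $r) {
        printf("WARNING: world-writable directory: %s (mode %s)\n", $r['path'], $r['mode']);
    }
}
```

Run it as the same account Apache uses (for example `sudo -u www-data php audit.php /var/www`) and the r/w columns show exactly what a dropped script would get. Mode bits only help once different scripts run as different uids (suexec/suPHP-style per-site users, or separate PHP-FPM pools) or the interpreter itself is fenced in (open_basedir), which is why the data directory should be owned by a uid the web server does not run as, with the web server granted only what the one legitimate writer needs.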