Inspathx/Example3
Description
This section shows the results of Inspathx run against WackoPicko.
Inspathx output
Below are the results of an Inspathx run against WackoPicko, a vulnerable PHP application. For this example, the "display_errors" directive (php.ini configuration file) has been set to "On" so that all errors are displayed.
    $ ruby inspathx.rb -d /var/www/ -u http://localhost
    =============================================================
    Path Discloser (a.k.a inspathx) / Error Hunter
    (c) Aung Khant, aungkhant[at]yehg.net
    YGN Ethical Hacker Group, Myanmar, http://yehg.net/
    svn co http://inspathx.googlecode.com/svn/trunk/ inspathx
    =============================================================
    # target: http://localhost//
    # source: /var/www/
    # log file: localhost__.log
    # follow redirect: false
    # null cookie: false
    # total threads: 10
    # time: 16:39:30 01-29-2011
    [*] http://localhost//test.php
    [*] http://localhost//admin/index.php
    # waiting for child threads to finish ..
    ........
    [*] http://localhost//error.php
    .
    # vulnerable url(s) = 3
    # total requests = 49
    # done at 16:39:32 01-29-2011
    Send bugs, suggestions, contributions to inspathx[at]yehg.net
Log file
Here is the generated log file:
    # Logfile created on Sat Jan 29 16:39:30 +0100 2011 by logger.rb/22285
    I, [2011-01-29 16:39:30 pid:#12615] INFO -- : TargetURL: http://localhost//
    I, [2011-01-29 16:39:30 pid:#12615] INFO -- : Source: /var/www/
    I, [2011-01-29 16:39:30 pid:#12615] INFO -- : Settings: follow redirect: false,null cookie: false, total threads: 10
    I, [2011-01-29 16:39:30 pid:#12615] INFO -- : Date: 16:39:30 01-29-2011
    I, [2011-01-29 16:39:30 pid:#12615] INFO -- : [*] http://localhost//test.php
    [html_source]
    Notice: Undefined index: head in /var/www/test.php on line 2
    Notice: Undefined index: title in /var/www/test.php on line 3
    Notice: Undefined index: href in /var/www/test.php on line 4
    Notice: Undefined index: script in /var/www/test.php on line 5
    <html>
    <head>
    <title></title></head>
    <body>
    <a href="http://">text</a>
    <script> </script>
    <frameset> </frameset>
    </body>
    </html>[/html_source]
    I, [2011-01-29 16:39:30 pid:#12615] INFO -- : [*] http://localhost//admin/index.php
    [html_source]
    Notice: Undefined index: page in /var/www/admin/index.php on line 3
    Warning: require_once(.php): failed to open stream: No such file or directory in /var/www/admin/index.php on line 4
    Fatal error: require_once(): Failed opening required '.php' (include_path='.:/usr/share/php:/usr/share/pear') in /var/www/admin/index.php on line 4
    [/html_source]
    I, [2011-01-29 16:39:30 pid:#12615] INFO -- : [*] http://localhost//error.php
    [html_source]
    Notice: Undefined index: msg in /var/www/error.php on line 5
    <html>
    <head>
    <link rel="stylesheet" href="/css/blueprint/screen.css" type="text/css" media="screen, projection">
    <link rel="stylesheet" href="/css/blueprint/print.css" type="text/css" media="print">
    <!--[if IE]><link rel="stylesheet" href="/css/blueprint/ie.css" type="text/css" media="screen, projection"><![endif]-->
    <link rel="stylesheet" href="/css/stylings.css" type="text/css" media="screen">
    <title>WackoPicko.com</title>
    </head>
    <body>
    <div class="container " style="border: 2px solid #5c95cf;">
    <div class="column span-24 first last">
    <h1 id="title"><a href="/">WackoPicko.com</a></h1>
    </div>
    <div id="menu">
    <div class="column prepend-1 span-14 first">
    <ul class="menu">
    <li class=""><a href="/users/home.php"><span>Home</span></a></li>
    <li class=""><a href="/pictures/upload.php"><span>Upload</span></a></li>
    <li class=""><a href="/pictures/recent.php"><span>Recent</span></a></li>
    <li class=""><a href="/guestbook.php"><span>Guestbook</span></a></li>
    </ul>
    </div>
    <div class="column prepend-1 span-7 first last">
    <ul class="menu top_login" >
    <li><a href="/users/login.php"><Span>Login</span></a></li>
    </ul>
    </div>
    </div>
    <div class="column span-24 first last" id="search_bar_blue">
    <div class="column prepend-17 span-7 first last" id="search_box">
    <form action="/pictures/search.php" method="get" style="display:inline;">
    <input id="query2" name="query" size="15" style="padding: 2px; font-size: 16px; text-decoration:none;border:none;vertical-align:middle;" type="text" value=""/>
    <input src="/images/search_button_white.gif" type="image" style="border: 0pt none ; position: relative; top: 0px;vertical-align:middle;margin-left: 1em;" />
    </form>
    </div>
    </div>
    <div class="column prepend-1 span-22 first last">
    <h2>There was an error!</h2>
    <p class="error" style="text-align:center;"></p>
    </div>
    <div class="column span-24 first last" id="footer" >
    <ul>
    <li><a href="/">Home</a> |</li>
    <li><a href="/admin/index.php?page=login">Admin</a> |</li>
    <li><a href="mailto:contact [ A T ] wackopicko.com">Contact</a> |</li>
    <li><a href="/tos.php">Terms of Service</a></li>
    </ul>
    </div>
    </div>
    </body>
    </html>
    [/html_source]
    I, [2011-01-29 16:39:32 pid:#12615] INFO -- : Vulnerable url(s) = 3
    I, [2011-01-29 16:39:32 pid:#12615] INFO -- : Total requests = 49
    I, [2011-01-29 16:39:32 pid:#12615] INFO -- : Generated by inspathx, path disclosure finder tool
    I, [2011-01-29 16:39:32 pid:#12615] INFO -- : by Aung Khant, http://yehg.net/lab
    I, [2011-01-29 16:39:32 pid:#12615] INFO -- : Send bugs, suggestions, contributions to inspathx[at]yehg.net
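To turn a log like the one above into a list of files and lines to fix, the entries can be parsed into structured findings. The following Ruby script is an added example, not part of inspathx; the names `parse_inspathx_log`, `disclosed_root` and `Finding` are hypothetical, and `SAMPLE_LOG` is constructed from entries shown on this page with the HTML bodies trimmed.

```ruby
# Added example: triage an inspathx log into (url, level, message, file, line).
# SAMPLE_LOG is constructed from log entries on this page (HTML bodies trimmed).
SAMPLE_LOG = <<~'LOG'
  I, [2011-01-29 16:39:30 pid:#12615] INFO -- : [*] http://localhost//test.php
  [html_source]
  Notice: Undefined index: head in /var/www/test.php on line 2
  Notice: Undefined index: title in /var/www/test.php on line 3
  <html> <head> <title></title></head> </html>[/html_source]
  I, [2011-01-29 16:39:30 pid:#12615] INFO -- : [*] http://localhost//admin/index.php
  [html_source]
  Notice: Undefined index: page in /var/www/admin/index.php on line 3
  Warning: require_once(.php): failed to open stream: No such file or directory in /var/www/admin/index.php on line 4
  Fatal error: require_once(): Failed opening required '.php' (include_path='.:/usr/share/php:/usr/share/pear') in /var/www/admin/index.php on line 4
  [/html_source]
LOG

Finding = Struct.new(:url, :level, :message, :file, :line)

# A flagged URL entry, as written by the tool: "INFO -- : [*] <url>"
URL_ENTRY = /INFO -- : \[\*\] (\S+)/
# PHP error text: "<Level>: <message> in <absolute path> on line <n>"
PHP_ERROR = /(Notice|Warning|Fatal error|Parse error|Deprecated|Strict Standards): (.+?) in (\/\S+?) on line (\d+)/
# Scanning for both token kinds in order also handles a log flattened to one line.
TOKEN = Regexp.union(URL_ENTRY, PHP_ERROR)

def parse_inspathx_log(text)
  url = nil
  findings = []
  text.scan(TOKEN) do |entry_url, level, msg, file, lineno|
    if entry_url
      url = entry_url            # errors that follow belong to this URL
    elsif url
      findings << Finding.new(url, level, msg, file, lineno.to_i)
    end
  end
  findings
end

# Longest directory prefix shared by every leaked path: the disclosed web root.
def disclosed_root(findings)
  dirs = findings.map { |f| File.dirname(f.file).split("/") }.uniq
  return nil if dirs.empty?
  common = dirs.reduce { |a, b| a.zip(b).take_while { |x, y| x == y }.map(&:first) }
  common.join("/") + "/"
end

if __FILE__ == $PROGRAM_NAME
  parse_inspathx_log(SAMPLE_LOG).each { |f| puts "#{f.file}:#{f.line} [#{f.level}] via #{f.url}" }
end
```

Each finding names a script and line that reads an unset index or builds an include path from missing input; setting `display_errors` to "Off" and `log_errors` to "On" in php.ini keeps these messages out of the HTTP response while still recording them server-side.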