Local file inclusion, default debian

All topics relating to computer security and internet privacy. Please try to keep it technical related and leave political diatribes at the door.
Post a reply

Local file inclusion, default debian

Postby kenterer » May 27th, 2012, 5:59 pm

Hey there,

if a webprogrammer made the mistake having such code:

Code: Select all
 <?php include $_GET["page"]; ?>


and including files with

Code: Select all
 ../index.php?page=start.php


then an attacker can misuse the proc file descriptors to access the error.log, since you find them in

Code: Select all
/proc/[pidOfApache]/fd/[0-11]


and they are always 11 or less. Therefore, an attacker can simply try all of them and acess the error.log.

Why is there such an "implementation" on unixoides systems?, is this considered to be a default-vulnerability?

cheers
kenterer
 
Posts: 3
Joined: May 27th, 2012, 5:43 pm
Top

Re: Local file inclusion, default debian

Postby Beewolf » May 28th, 2012, 11:28 am

UNIX wasn't originally designed to be secure beyond basic timesharing and /proc was imported from Plan 9.
Llewellyn H. Rockwell Jr. wrote:Data points on their own convey no theory, suggest no conclusions, and offer no truths. To arrive at truth requires the most important step that we as human beings can ever take: thinking. Through this thinking, and with good teaching and reading, we can put together a coherent theoretical apparatus that helps us understand.
User avatar
Beewolf
 
Posts: 467
Joined: February 9th, 2011, 4:37 pm
Top

Re: Local file inclusion, default debian

Postby kenterer » May 31st, 2012, 8:24 am

this proc vulnerability does not seem to work anymore in debian, did they changed anything there?
kenterer
 
Posts: 3
Joined: May 27th, 2012, 5:43 pm
Top
Post a reply

Return to Security/Privacy-Related

Who is online

Users browsing this forum: No registered users and 1 guest

Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
Style by Marc Alexander © 2007 - 2010

x