Friday, April 22, 2005

Some Pen Test

These days, I have just been opening my archive of vulnerable site lists, then trying to access them to get some local access (many techniques), and many of them work! (It means the sites are still left unpatched by the "holy" admin.)
Just playing around, trying to use an old technique to remind my 'old' brain how to do that without harming the "target" machine. Honestly, I don't do 'nasty', 'bad' and 'stupid' things.
The funny thing: many sites are not aware of file permission restrictions. I've found many configuration files that are readable by a "non-user" or unknown user, and also some leftover testing directories (funny?) named "test", "forumtest" and so on with writable permission for a "non-user" (again?). I've also found 'similar' path mapping between sites: for example, if site "one" was /home/siteone/var/www/html/ then site "two" must be /home/sitetwo/var/www/html. Yes, it makes it easier for the admin to manage, but also for me to jump from one user to another.
Another vulnerability: the passwords stored in some databases are not encrypted (not all).... So?
I tell you what, many big sites (with many members) are included.
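
An admin-side audit for the permission problems described above, as an added example that is not part of the original post: it walks each site home in the /home/<site>/var/www/html layout and reports homes other accounts can traverse, world-writable directories, and world-readable configuration files. The function names, the `CONFIG_HINTS` name patterns and the sample tree are assumptions constructed for the example.

```python
import os
import stat
import tempfile

# Assumed name hints for files likely to hold credentials (not taken from the post).
CONFIG_HINTS = ("config", "settings", ".env", ".ini", ".conf")

def audit_site(home):
    """Return sorted (issue, relative path) findings for one site home directory."""
    findings = []
    # o+x on the home lets every other local account walk into this site's tree.
    if os.stat(home).st_mode & stat.S_IXOTH:
        findings.append(("home-traversable-by-others", "."))
    for dirpath, dirnames, filenames in os.walk(home):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            mode = os.lstat(path).st_mode  # lstat: do not follow symlinks
            rel = os.path.relpath(path, home)
            if stat.S_ISDIR(mode) and mode & stat.S_IWOTH:
                findings.append(("world-writable-dir", rel))
            elif (stat.S_ISREG(mode) and mode & stat.S_IROTH
                  and any(h in name.lower() for h in CONFIG_HINTS)):
                findings.append(("world-readable-config", rel))
    return sorted(findings)

def build_sample(base):
    """Constructed sample tree: siteone is loose, sitetwo is locked down."""
    layout = {"siteone": (0o755, 0o644, 0o777), "sitetwo": (0o750, 0o640, 0o755)}
    old_umask = os.umask(0o022)  # keep intermediate directories at 0755
    for site, (home_mode, cfg_mode, test_mode) in layout.items():
        web = os.path.join(base, site, "var", "www", "html")
        os.makedirs(os.path.join(web, "forumtest"))
        cfg = os.path.join(web, "config.php")
        with open(cfg, "w") as fh:
            fh.write("<?php /* constructed placeholder */ ?>\n")
        os.chmod(cfg, cfg_mode)
        os.chmod(os.path.join(web, "forumtest"), test_mode)
        os.chmod(os.path.join(base, site), home_mode)
    os.umask(old_umask)

def run_demo():
    """Build the sample tree in a temp directory and audit every site in it."""
    with tempfile.TemporaryDirectory() as base:
        build_sample(base)
        return {s: audit_site(os.path.join(base, s)) for s in sorted(os.listdir(base))}

if __name__ == "__main__":
    for site, findings in run_demo().items():
        print(site, findings or "clean")
```

On a real host, call `audit_site` on each directory under the hosting base instead of the sample tree, and move any flagged test directories out of the web root.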