what is symlink

                               what is symlink





Symlink is basically a linux function that allow you to make shortcut (reference) to another file or directory. In linux servers (shared hostings) there are many users in site and they divide hosting space in different
parts. okay if you see with hackers eye.. how will they use it for evil purpose ??
well when a hacker hacks into a website and shell it and get full access to that particular website and its user 
he can only make change in specific disc space that is granted to that particular user. He have no access to other user's space 
but he can use this function to read sensitive files i.e database configuration files. 
example : me and You have websites on a same server you have installed a wordpress cms on your website
we are on same server but We can Try Symlinking your wordpress config file and 
can get details of your database user,password and  can login in mysql server easily. 

suppose your website directory is

/home/target/public_html/
 and mine is
/home/Cyber-Warriors/public_html/

and wordpress has default config file here ===> /public_html/wp-config.php
and it includes your database information 
okay now but question is how I gonna Get your database information in that file when I just cant access your disc space?

we can try symlink so what can i do is

execute this command:

ln -s /home/target/public_html

(but execute this command in some new folder because we also gonna write some htaccess configuration code that will allow us to read all files in .txt format)
now we will see another folder created in same directory where we executed code but still we cant access it
we need to add a configuration files that will tell the server how to open this:
------------------------------------------------------
Options all
DirectoryIndex Sux.html
AddType textplain .log
AddType textplain .php
AddType textplain .conf
AddType textplain .sql
AddHandler server-parsed .php
AddHandler txt .html
Require None
Satisfy Any
------------------------------------------------------
what will this code do ? this will treat all .log, php, conf, sql files as plain text .
okay now you can access target user directory by using this
http://yourwebsite/yourfolder/symlinkdir/

you will see all files of your target directory , now just read config file and get database user
 and password and login in mysql server
with his account and can add new admin to his website from there

                                       how can you patch this ??

we can change permissions of ln for non root users by issuing command
chmod 760 /bin/ln  or we can change php.ini file of main server and disable proc_open and symlink function from there.



Share This Post »»

Penulis : Admin ~ Sebuah blog yang menyediakan berbagai macam informasi

Artikel what is symlink ini dipublish oleh Admin pada hari Monday 31 March 2014 . Semoga artikel ini dapat bermanfaat.Terimakasih atas kunjungan Anda silahkan tinggalkan komentar.sudah ada 0 komentar: di postingan what is symlink
 

0 comments :

Post a Comment

Subscribe to: Post Comments ( Atom )