Results 1 to 5 of 5

Thread: Data base

  1. #1
    Just burned his ISO
    Join Date
    Dec 2007
    Posts
    8

    Default Data base

    hi,

    i have a friend who have created a website and his
    database is created with text files

    when php execute the code the chmod is from 000 to 755 an
    and on the server the file si on 000


    but is it really secure or not ?
    if we don't know the files name can we download the texts files ?



    ( sorry for my bad english )

    thanks

  2. #2
    dementia_reign
    Guest

    Default

    well im not going to say im much of a linux guru on the file chmod and permission attributes but what type of db does he use and does it do any queries from the dbms or are they flat file databases? ie a text file

  3. #3
    Just burned his ISO
    Join Date
    Dec 2007
    Posts
    8

    Default

    there is no database

    only textfiles

  4. #4
    dementia_reign
    Guest

    Default

    depending on the php code and the webserver you may be able to do a file inclusion vulnerability and try to take over the server go to www root
    and locate the text file names then download them

    or just try to use a brute force directory tool see if it can grab the names of the files
    honestly not sure just trying to be helpful

  5. #5
    Just burned his ISO
    Join Date
    Dec 2007
    Posts
    8

    Default

    he disallow the rights files on the server


    i'm going to try with a brutforce to grab the files


    thanks you

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •