Thread: Bypass safe mode

  1. #1
    Just burned his ISO
    Join Date
    Mar 2008
    Posts
    4

    Bypass safe mode

    Hey,
    Is there a way to bypass safe mode on a Linux server (PHP/5.2.6)? The disabled functions are:


    copy,error_log,tempnam, copy, symlink, curl_init,posix_setuid escapeshellarg, hell-exec, fpassthru, exec, crack_checkcrack_closedict, crack_getlastmessage, crack_opendict, psockopen,php_ini_scanned_files, php_uname, phpinfo, dl, exec, shell_exec,system, passthru, popen, pclose, proc_open,proc_nice, proc_terminate, proc_get_status, proc_close, pfsockopen, leak, apache_child_terminate, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid,escapeshellcmd, escapeshellarg,Ini_Restore, phpinfo,SQL,id,CURL,copy,ini_restore,imap ,plugin ,posix_getpwuid


    Any clue?
    Thanks in advance.

  2. #2
    Moderator KMDave's Avatar
    Join Date
    Jan 2010
    Posts
    2,281

    No clue what you are talking of, maybe you should explain what you have in mind a little bit better.
    Tiocfaidh ár lá

  3. #3
    Just burned his ISO
    Join Date
    Mar 2008
    Posts
    4

    I'm talking about safe mode in PHP
    Code:
    mediawiki.org/wiki/Safe_mode
    and I'm looking for a function in PHP to read some files in the server.
    Something like this way with copy()
    Code:
    securityreason.com/achievement_securityalert/37
    Enjoy.. xpleet

  4. #4
    My life is this forum Barry's Avatar
    Join Date
    Jan 2010
    Posts
    3,817

    Quote Originally Posted by xpleet View Post
    I'm talking about safe mode in PHP
    Code:
    mediawiki.org/wiki/Safe_mode
    and I'm looking for a function in PHP to read some files in the server.
    Something like this way with copy()
    Code:
    securityreason.com/achievement_securityalert/37
    Enjoy.. xpleet
    WTF does this have to do with BackTrack?
    Of course, if you really wanted to have some fun, go to Wal-Mart late at night and ask the greeter if they could help you find trashbags, roll of carpet, rope, quicklime, clorox and a shovel. See if they give you any strange looks. --Streaker69

  5. #5
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Did you consider contacting this guy:

    Email: max [at] jestsuper [dot] pl or cxib [at] securityreason [dot] com

    He seems to know a lot about it.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  6. #6
    Good friend of the forums
    Join Date
    Jun 2008
    Posts
    425

    $fp = fopen("dump.txt", "r");   // open the file read-only
    $dump = fread($fp, 100);        // read up to 100 bytes
    fclose($fp);
    echo $dump;

    Is this what you mean, as it doesn't use popen?

  7. #7
    Just burned his ISO
    Join Date
    Mar 2008
    Posts
    4

    To Barry: I'm doing a penetration test and I'm asking a question in the Pentesting section of the forum. If you don't know the answer, DON'T REPLY or just say I don't know..
    I think it's impossible to bypass safe_mode in these conditions, because it restricts environment variables and there are too many functions disabled!

    Enjoy.. xpleet

  8. #8
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Quote Originally Posted by xpleet View Post
    To Barry: I'm doing a penetration test and I'm asking a question in the Pentesting section of the forum. If you don't know the answer, DON'T REPLY or just say I don't know..
    I think it's impossible to bypass safe_mode in these conditions, because it restricts environment variables and there are too many functions disabled!

    Enjoy.. xpleet
    It would have been a little bit better had you posted a bit more information at the beginning to help us figure out what it is you are trying to do.
    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

  9. #9
    My life is this forum Barry's Avatar
    Join Date
    Jan 2010
    Posts
    3,817

    Quote Originally Posted by xpleet View Post
    To Barry: I'm doing a penetration test and I'm asking a question in the Pentesting section of the forum. If you don't know the answer, DON'T REPLY or just say I don't know..
    I think it's impossible to bypass safe_mode in these conditions, because it restricts environment variables and there are too many functions disabled!

    Enjoy.. xpleet
    I never said I didn't know the answer, I was just wondering why a middle school student was trying to hack a server.
