Cyb3r Lord had previously posted the hacks that can be used to exploit NTC website. He also talked about php info in NTC site. However, he didn't share the contents of php info of NTC. So I thought to share it with you guys.
Code:
<?php
phpinfo();
?>
Some parts from it:
System Linux bhadrakali.ntc.net.np 2.6.18-8.el5 #1 SMP Thu Mar 15 19:57:35 EDT 2007 i686
Build Date Jul 16 2008 19:54:37
Server API Apache 2.0 Handler
PHP.INI path /etc/php.ini
allow_url_fopen On On
expose_php On On
magic_quotes_gpc On On
magic_quotes_runtime Off Off
register_globals On On
safe_mode Off Off
SMTP seti.ntc.net.np seti.ntc.net.np
Why the hell are they keeping register_globals on; sucks... And why would they like to turn on allow_url_fopen. Learn some security. Other critical informations not disclosed over here.
Thanks
Showing posts with label phpinfo. Show all posts
Showing posts with label phpinfo. Show all posts
Saturday, 31 October 2009
Subscribe to:
Posts (Atom)