legohead6 Posted January 25, 2008 Share Posted January 25, 2008 the new online storage... the only thing not working right is the public file system, but please critic everything else, try uploading a varitey of files and see what happens! pics, music, and text have been tested already. http://www.filepile.ca Username: testacc Pass: phpfreak also open to suggestions for new features that would make you want to use the site! Link to comment https://forums.phpfreaks.com/topic/87704-filepileca/ Share on other sites More sharing options...
agentsteal Posted January 25, 2008 Share Posted January 25, 2008 Admin Access: Anyone can get your username and password through the PHP Source Code Disclosure. Admin Access: Anyone can edit the files on the site through the Directory Transversal. Admin Access: If you upload a PHP file you can run PHP code on the server. Cross Site Scripting: There is Cross Site Scripting when you register if your username contains >code. Directory Transversal: There is Directory Transversal if your username contains ../ Directory Transversal: http://www.filepile.ca/pdoc.php?url=Li4vaW5kZXguaHRtbA Directory Transversal: http://www.filepile.ca/account.php?f=Li4v Directory Transversal: There is Directory Transversal if you create a folder that contains ../ Directory Transversal: There is Directory Transversal if you move a folder that contains ../ Directory Transversal: There is Directory Transversal if you delete a folder that contains ../ Directory Transversal: There is Directory Transversal if you delete a file that contains ../ Directory Transversal: There is Directory Transversal if you move a file that contains ../ Full Path Disclosure: http://www.filepile.ca/move.php?f[] Warning: base64_decode() expects parameter 1 to be string, array given in /home/matts15/public_html/filepile/move.php on line 72 Full Path Disclosure: http://www.filepile.ca/account.php?f[] Warning: base64_decode() expects parameter 1 to be string, array given in /home/matts15/public_html/filepile/account.php on line 43 Warning: base64_decode() expects parameter 1 to be string, array given in /home/matts15/public_html/filepile/account.php on line 78 Warning: base64_decode() expects parameter 1 to be string, array given in /home/matts15/public_html/filepile/account.php on line 95 Warning: base64_decode() expects parameter 1 to be string, array given in /home/matts15/public_html/filepile/account.php on line 95 Warning: base64_decode() expects parameter 1 to be string, array given in /home/matts15/public_html/filepile/account.php on line 95 Warning: base64_decode() expects parameter 1 to be string, array given in /home/matts15/public_html/filepile/account.php on line 95 Warning: base64_decode() expects parameter 1 to be string, array given in /home/matts15/public_html/filepile/account.php on line 95 Warning: base64_decode() expects parameter 1 to be string, array given in /home/matts15/public_html/filepile/account.php on line 95 Warning: base64_decode() expects parameter 1 to be string, array given in /home/matts15/public_html/filepile/account.php on line 95 Warning: base64_decode() expects parameter 1 to be string, array given in /home/matts15/public_html/filepile/account.php on line 95 Warning: base64_decode() expects parameter 1 to be string, array given in /home/matts15/public_html/filepile/account.php on line 95 Warning: base64_decode() expects parameter 1 to be string, array given in /home/matts15/public_html/filepile/account.php on line 95 Warning: base64_decode() expects parameter 1 to be string, array given in /home/matts15/public_html/filepile/account.php on line 95 Warning: base64_decode() expects parameter 1 to be string, array given in /home/matts15/public_html/filepile/account.php on line 95 Warning: base64_decode() expects parameter 1 to be string, array given in /home/matts15/public_html/filepile/account.php on line 95 Warning: base64_decode() expects parameter 1 to be string, array given in /home/matts15/public_html/filepile/account.php on line 95 Warning: base64_decode() expects parameter 1 to be string, array given in /home/matts15/public_html/filepile/account.php on line 95 Warning: base64_decode() expects parameter 1 to be string, array given in /home/matts15/public_html/filepile/account.php on line 95 Warning: base64_decode() expects parameter 1 to be string, array given in /home/matts15/public_html/filepile/account.php on line 95 Warning: base64_decode() expects parameter 1 to be string, array given in /home/matts15/public_html/filepile/account.php on line 95 Warning: base64_decode() expects parameter 1 to be string, array given in /home/matts15/public_html/filepile/account.php on line 95 Full Path Disclosure: http://www.filepile.ca/ppub.php?url[] Warning: base64_decode() expects parameter 1 to be string, array given in /home/matts15/public_html/filepile/ppub.php on line 3 Full Path Disclosure: There is Full Path Disclosure if your username contains ../ Warning: mkdir(members/../) [function.mkdir]: File exists in /home/matts15/public_html/filepile/register.php on line 143 Full Path Disclosure: http://www.filepile.ca/pdoc.php?url[] Warning: base64_decode() expects parameter 1 to be string, array given in /home/matts15/public_html/filepile/pdoc.php on line 20 Full Path Disclosure: http://www.filepile.ca/doc.php?f[] Warning: base64_decode() expects parameter 1 to be string, array given in /home/matts15/public_html/filepile/doc.php on line 4 Full Path Disclosure: There is Full Path Disclosure on http://www.filepile.ca/pdoc.php?url[] if you submit the download. Warning: base64_decode() expects parameter 1 to be string, array given in /home/matts15/public_html/filepile/pdoc.php on line 4 Warning: Cannot modify header information - headers already sent by (output started at /home/matts15/public_html/filepile/pdoc.php:4) in /home/matts15/public_html/filepile/pdoc.php on line 6 Warning: Cannot modify header information - headers already sent by (output started at /home/matts15/public_html/filepile/pdoc.php:4) in /home/matts15/public_html/filepile/pdoc.php on line 7 Warning: Cannot modify header information - headers already sent by (output started at /home/matts15/public_html/filepile/pdoc.php:4) in /home/matts15/public_html/filepile/pdoc.php on line 8 Warning: Cannot modify header information - headers already sent by (output started at /home/matts15/public_html/filepile/pdoc.php:4) in /home/matts15/public_html/filepile/pdoc.php on line 9 Warning: Cannot modify header information - headers already sent by (output started at /home/matts15/public_html/filepile/pdoc.php:4) in /home/matts15/public_html/filepile/pdoc.php on line 10 Warning: Cannot modify header information - headers already sent by (output started at /home/matts15/public_html/filepile/pdoc.php:4) in /home/matts15/public_html/filepile/pdoc.php on line 11 Warning: Cannot modify header information - headers already sent by (output started at /home/matts15/public_html/filepile/pdoc.php:4) in /home/matts15/public_html/filepile/pdoc.php on line 12 Warning: Cannot modify header information - headers already sent by (output started at /home/matts15/public_html/filepile/pdoc.php:4) in /home/matts15/public_html/filepile/pdoc.php on line 13 Full Path Disclosure: http://www.filepile.ca/phpinfo.php Full Path Disclosure: http://www.filepile.ca/error_log PHP Source Code Disclosure: There is PHP Source Code Disclosure on http://www.filepile.ca/pdoc.php if the url is set to the base64 of a PHP page. PHP Source Code Disclosure: There is PHP Source Code Disclosure on http://www.filepile.ca/doc.php if the f is set to the base64 of a PHP page. User Enumeration: http://www.filepile.ca/~matts15 User Enumeration: http://www.filepile.ca/~nobody User Enumeration: http://www.filepile.ca/~root You can access any user's files in http://www.filepile.ca/members/. Link to comment https://forums.phpfreaks.com/topic/87704-filepileca/#findComment-448679 Share on other sites More sharing options...
legohead6 Posted January 25, 2008 Author Share Posted January 25, 2008 alright, i fixed the usernames not allowing any coding in the username, whats the best way to get rid of the full path disclosures? put @ symbols in front of all? also what do you mean by user enumeration. Link to comment https://forums.phpfreaks.com/topic/87704-filepileca/#findComment-449262 Share on other sites More sharing options...
legohead6 Posted January 26, 2008 Author Share Posted January 26, 2008 THANKS agent, all listed problems solved... anyone else find anything? Link to comment https://forums.phpfreaks.com/topic/87704-filepileca/#findComment-449408 Share on other sites More sharing options...
legohead6 Posted February 8, 2008 Author Share Posted February 8, 2008 ok, well i guess its bulletproof! Link to comment https://forums.phpfreaks.com/topic/87704-filepileca/#findComment-462156 Share on other sites More sharing options...
john010117 Posted February 10, 2008 Share Posted February 10, 2008 Uh oh. Try looking at the file list now in the account that you gave us. Better fix somethings. (I just typed in "><script>" (without quotes) Link to comment https://forums.phpfreaks.com/topic/87704-filepileca/#findComment-463024 Share on other sites More sharing options...
legohead6 Posted February 11, 2008 Author Share Posted February 11, 2008 thanks john, fixed. Link to comment https://forums.phpfreaks.com/topic/87704-filepileca/#findComment-463642 Share on other sites More sharing options...
Recommended Posts