I am working on this problem:
https://www.hackthissite.org/missions/realistic/3/
The site above has been hacked and it is our job to return it back to its original state. I started by looking at the source code. The hacker left a comment reading:
"Note to the webmasterThis website has been hacked, but not totally destroyed. The old website is still up. I simply copied the old index.html file to oldindex.html and remade this one. Sorry about the inconvenience."
Therefore I went to https://www.hackthissite.org/missions/realistic/3/oldindex.html
I then clicked on submit poetry. In the name field I put ../index.html and in the poem field I put the source code of the page:
www(dot)hackthissite.org(dot)missions/realistic/3/oldindex(dot)html.
I got the right answer; however, I don't quite get how this works.
First of all how do you know when something is susceptible to
directory traversal. I did it because I looked at the forums, but
how would I know that directory traversal is an option?
If you click on read poem --> 'poem name' you get a url like this:
www(dot)hackthissite(dot)org/missions/realistic/3/readpoem(dot)php?name=The%20Idiot
In that case wouldn't the final url using ../index.html be:
www(dot)hackthissite(dot)org/missions/realistic/3/?name=index(dot)html
not www(dot)hackthissite(dot)org/missions/realistic/3/index(dot)html
Sory for the (dot). I need more reputation to post more links.
During a directory traversal attack, the attacker will submit a filename contaning characters that will allow them to access files outside of the intended directory. For example a single dot (.) refferes to the current directory and two dots (..) the parent directory. During an attack the aim will be to access and read restricted files using PHP's elevated privileges.
This is an example of directory transversal vulnerable php code:
$page = $_GET['page'];
$filename = "/pages/$page";
$file_handler = fopen($filename, "r");
$contents = fread($file_handler, filesize($file));
fclose($file_handler);
echo $contents;
In your challenge the file: "readpoem.php" is vulnerable in his $_GET['name'] variable and its happening something similar.
In a blackbox pentesting you can detect it by following errors produced when fuzzing a value and analyzing your request/respond traffic.
en.wikipedia.org/wiki/Fuzz_testing
One type of solution to prevent this is checking for "forbidden" occurrences as someone put an example here:
Preventing Directory Traversal in PHP but allowing paths
Related
So I have an assignment for my finals homework. It wants me to make a directory tree with some commands, similar to CMD. For example it will give me "make " and I will add directories to the tree. I got all the commands, syntax checking etc. down but I can't think how can I create the tree.
I thought about making a general tree for it, but there's a problem. When I add new folders, I need to check if it's already there and print a message if it is. I don't know a lot about tree structure but from what I know, to check them, I need to do firstChild, secondChild... until there is none which seems not the best way to do it.
I need ideas on this. I don't want you to do my homework, just a guideline for me to study would be more than enough.
To check if a directory path exists you can use fstat (see: https://linux.die.net/man/2/fstat).
But if you have the full path, you will parse that and check all if every part's parent exists.
For example if the path is /usr/local/bin/test you should check if /usr exists, then /usr/local, then /usr/local/bin and finally /usr/local/bin/test.
To do this you could write a recursive function calling itself with the last folder part stripped (unless you're at the root level) before checking if the specified path exists.
I have an URL like
url = "file:D:/inputFolder?move=D:/outputFolder". we are making this url dynamically.
I want to rename the file while moving, So I made it something like this
url = "file:D:/inputFolder?move=D:/outputFolder&fileName=abc.txt". But I think move and fileName do not work together, it is not renaming.
Is there any alternative to do it? Please remember I want with "move" only.
I cannot use .setHeader(..) also.
Thanks,
Hy,
as far as I understand you, your trying to move the file in one single uri.
That is not really how camel works.
The idea of camel is to have a "consumer" and a "producer", where the consumer loads data (e.g. your file) and the producer puts the data somewhere (e.g. save the file into a folder)
That being said, here is what worked for me with a java route:
from("file:/home/chris/temp/camel/in")
.to("file:/home/chris/temp/camel/out/?fileName=test.txt");
The from part configures the folder where camel looks for new files. A few notes on that:
The file component checks the folder each 0.5 sec for new files. This can be changed with the delay parameter
The option noop configures, if the file is being moved or copied. By default it is set to false, which means it is moved
In the to part you configure, where the file is supposed to be moved. Here you can use the fileName parameter to rename the file.
Be careful with this though, because setting an option in the uri directly does make it "static".
What I mean by that is, that the only way of changing the parameter is by completely reconfiguring the route or by restarting it, where neither is something you would want to do normally.
Note 1:
Moving all files that are put into one folder into the same file always overrides the previous file by default.
You could, for example, use the fileExists parameter to always just append the content of the file: fileExists=Append (See camel file docu for details)
Note 2:
There is an option in the file component to not "move" the file, but copy, rename and delete it, which sometimes is necessary, when you want to move it onto a different drive and a simple copy does not work.
Also see the docu for the camel file component for details on that.
Note 3:
You can have multiple to() statements in the same route to have the file moved to multiple locations. For example:
from("file:/home/chris/temp/camel/in")
.to("file:/home/chris/temp/camel/out/?fileName=test.txt")
.to("smtp:....");
Hope I could help you and answer you question.
Greets
Chris
Two possible ways to achieve your goal.
Use both "consumer" and "producer"
Using this way, you are free to control where and how your destination can be set and has great freedom to control filename with the use of a processor/bean.
from("file:D:/inputFolder")
.to("file:D:/outputFolder?fileName=abc.txt")
Use "consumer" only
Using this way, you are treating your work as source data control. This can be use when your file is going to move within same drive. The drawback is the filename rename pattern is limited (refer to camel file language)
from("file:D:/inputFolder?move=${file:parent}/../outputFolder/abc.txt")
I am currently facing an issue which I don't know how to fix. I got the following Julia code:
while true
print(watch_file("test"))
end
So this should get me all the file changes in the directory named "test". At least on windows.
Now thats all well and good, and it kinda works, at least for creating a file or moving a file to that directory. This is an example of what I get:
("New Textfile.txt",Base.FileEvent(true,false,false))
But when I delete or rename that file, I don't get the filename of the file deleted or renamed.
("",Base.FileEvent(true,false,false))
Is there a different method/function I can get the filename with, even when the file is deleted or renamed? Or even better, a way that archives this and is cross-platform-compatible? Any help appreciated.
EDIT: If you could give me an alternative that supports recursive monitoring, that would be even better.
In Linux, Julia 0.4.5 and 0.4.3 watch_file returns file name always. It is a very platform-dependent feature (like in Node.js https://nodejs.org/api/fs.html#fs_caveats) and only manual polling can be truly platform-independent solution.
I have troubles with replacing file contents in my current project. I renamed a directory, and a lot of class names has been changed cause of this. A want to rename this classes with netbeans, but I cannot setup the file path pattern well.
The previous directory path was: Test/TestCase under Source Files, and the new path is Test/UnitTest. So I have to rename the TestCase word to UnitTest in my php files.
I tried with *.php, it works (of course it works...), but returns every php file in the project which contains that word, and I don't want to choose from circa half thousand files the right ones. The files of the unit test system could easily contain the TestCase word...
Tried out the following patterns, but they gave empty result:
Test\UnitTest\*.php
*Test\UnitTest\*.php
Test/UnitTest/*.php
*Test/UnitTest/*.php
Test/UnitTest/*
I have not a clue what I do wrong... I tried to search a tutorial for file search patterns but have found only regex patterns and those are definitely not what I was looking for. Can anybody help me?
Lol, I checked it again, and I realized, that I didn't notice the "scope" part last time. In that you can choose the current selection instead of the entire project. So the pattern matches only the file name, not the relative path of the file...
It was so obvious... This is an epic fail, I think I was too tired...
In c#, given a folder path, is there a way to get the last modified file without getting all files?
I need to quickly find folders that have been updated after a certain time and if the file that was last modified is before the time, i want to skip the folder entirely.
I noticed that folder's last modified time does not get updated when one of its file get updated so this approach does't work.
No, this is why windows comes with indexing to speed up searching. The NTFS file system wasn't designed with fast searching in mind.
In any case you can monitor file changes which is not difficult to do. If it is possible to allow your program to run in the background and monitor changes then this would work. If you needed past history you could do an initial scan only once and then build up your hierarchy from their. As long as your program is always being ran then it should have a current snapshot and not have to do the slow scan.
You can also use the Window Search itself to find the files. If indexing is available then it's probably as fast as you'll get.
Try this.
DirectoryInfo di = new DirectoryInfo("strPath");
DateTime dt = di.LastWriteTime;
Then you should use
Directory.EnumerateFiles(strPath, "*.*", SearchOption.TopDirectoryOnly);
Then loop the above collection and get FileInfo() for each file.
I don't see a way how can you get the modified date of a file w/o getting reference to FileInfo() on that file.
I don't think FileInfo will get this file as far as I know.