Greenguy's Board - View Single Post

JK · 2013-08-11, 08:10 AM

Hi cd34, please excuse my ignorance but are the hackers able to override the .htaccess file by simply deleting the contents or the .htaccess file completely due to elevated privelages or some such through whatever means. (Maybe a more familiar term for techs could be elevated privilege , cross site scripting, SQL injection etc?)

Also, is this a common attack vector on .htacess files or specific to a bug in Tube Ace which allows them to override/edit/delete .htaccess files and/or any other file on the server?

If my limited knowledge is somewhat correct, it appears as though the following directories:

domain.com/avatars/
domain.com/cache/
domain.com/thumbs/
domain.com/uploads/

Are susceptible to allowing uploads and hence the execution of potentially malicious/dangerous CGI scripts consisting of (python, Perl, or PHP scripts) that can be uploaded to the above directories due to some bug such as not sufficiently checking the filename/filetype (or many more advanced measures) or simple user input validation?

I'm interested to know if this could affect a lot more than just Tube Ace, or if it's a simple oversight by this one script that is usually accounted for.

2013-08-11, 08:10 AM	#2
JK Well you know boys, a nuclear reactor is a lot like women. You just have to read the manual and press the right button Join Date: Nov 2003 Posts: 157	Hi cd34, please excuse my ignorance but are the hackers able to override the .htaccess file by simply deleting the contents or the .htaccess file completely due to elevated privelages or some such through whatever means. (Maybe a more familiar term for techs could be elevated privilege , cross site scripting, SQL injection etc?) Also, is this a common attack vector on .htacess files or specific to a bug in Tube Ace which allows them to override/edit/delete .htaccess files and/or any other file on the server? If my limited knowledge is somewhat correct, it appears as though the following directories: domain.com/avatars/ domain.com/cache/ domain.com/thumbs/ domain.com/uploads/ Are susceptible to allowing uploads and hence the execution of potentially malicious/dangerous CGI scripts consisting of (python, Perl, or PHP scripts) that can be uploaded to the above directories due to some bug such as not sufficiently checking the filename/filetype (or many more advanced measures) or simple user input validation? I'm interested to know if this could affect a lot more than just Tube Ace, or if it's a simple oversight by this one script that is usually accounted for. __________________ To alcohol! The cause of, and solution to, all of life’s problems Last edited by JK; 2013-08-11 at 08:20 AM..