How to skip survey Hack 2013

Best Symlink Method
Bypass Symlink 100%
Private Method
Hello my friends today i will
explain how to bypass any server
even the security is 100000000%

so this method is private but i
decided to make it public 
So no need ".htaccess" or "ini.php"
or "php.ini" to bypass 
First let me explain some tricks °_°
We know that php use html code ,
It's a language that can be
executed in the command line
So in linux System the users
privilege can execute many
command in php and we can
bypass the configuration .
As we know in the cpanel server
we have an option called "cron
job" in the control panel to
execute manycommands.
For example let's make a file
called file.php
Secondly Go to the cpanel in the
server and select "cron job" and
add this command :
/usr/local/bin/php -d
open_basedir= /home/user/
As you can see : "/usr/local/bin/
php" It's the command line in php
for the user
Note: in some servers it's installed
in : "/usr/bin/php"
-d <<<< put the config you want to
execute in that file 
open_basedir= <<<< here you put
open_basedir empty to Bypass
config in "file.php"
<<< here is the path of php file
that you want to execute 
Other Bypass example: /usr/local/
bin/php -d disable_functions= /
Advanced method :
Create a file example
#!/usr/local/bin/php -d
Then just execute the file 
Command: php mauritania.php
Another method to bypass is to
execute a perl file and you can
read the file easily !
symlink ("/home/user/public_html/
So that mean that the admin
didn't run php as :
*CGI module
*SUPHP module .
*apache module.
*enable open_basedir and
safe_mode .
*"Chmod 000 /bin/ln"
=========>>> the perl file still
have the ability to create the links
but even if the admin runs that
shit you still can bypass the
system  perl is powerful 
and if the admin try to disable "/
usr/bin/perl" and chmod it to
"0700" or less  it will broke the
As it requires to be at "0755" for
proper operations, since it is used
by customers as well when it
suexecinto the user when they log
into cPanel.
So we cannot change it to that
setting "700" , since it breaks the
entire system 
*So as you learned today
"open_basedir" is the responsible
of the mobility between the
websites in the shell 
So there is an option Called "Sec
info sometimes "Sec" depends of
the shell you are using 
Example : C99 shell
We have this that mean that the
open base dir is disabled :
"Open base dir: /home/user:/usr/
Okey in some servers you can
bypass the security with jumping
method , some hackers use
php scanner to scan the whole
paths in the server °_° that is
wasting of time  by putting
url before Linux : serverurl/~user/
folder/shell.php °_° very old :s
So i hope you understand now i
uploaded for you a simple tool to
bypass "Open Base_dir" 
Please Comment if It works


Post a Comment

Copyright © PC Tricks