Simple Kit for Testing Access Policies

Simple Kit for Testing Access Policies

Hi guys, I remember you that this is a tutorial talking about the Simple kit for Testing Access Policies, if you want download the completly kit you can check this page!

Simple Kit for Testing Access Policies

Simple Kit for Testing Access Policies



This Toolkit is related to my paper “1&1 y las 1.831 vulnerabilidades” so, if you have not readed it, please, check it before continue reading this.

What is Simple Kit for Testing Access Policies

This ToolKit is a simple kit for Testing Access Policies in a web server, it is only some php files that you can upload to any server to list directories, exect commands, see file content and download files that you have read permissions from the website.

If you can see files like /etc/passwd or /proc/*, it means your server where you’re running the script has a bad access policies configurations, like you can see in my paper, it can be used to test posibles security breaches in the server where you website is hosted, in this casi in a 1&1 hosting, and like you can see in this case, 1&1 has not a good access policies.

Deja un comentario

Tu dirección de correo electrónico no será publicada. Los campos obligatorios están marcados con *