Hi, if i had found a way in a site from my school to upload any php script in a directory called "www.evil.com/b/l/a/upload".
Is it than possible that i could write a php script in "upload" dat could steal the .htaccess file in directory "a" ?
The script writing wouldn't be any trouble, but i'm actually asking if it is possible to copy a .htacces file..

Thanks

depends on your rights(i.e. chmod) and if there is even some php interpreter installed and configured(i.e. mod_php for apache)

Usually it should be possible to open the .htaccess or .htpasswd just as any other file.
Just try it. If it doesn't work you should get some error output.

tried that, doens't work.. The site has pretty good security..
To bad. I'll go back googling exploits and trying out stuff.
Thanks for the help