Monday, October 17, 2011

RFI (Remote File Inclusion)

Remote File Inclusion (RFI) is a type of vulnerability found in some websites. It allows an attacker to include a remote file, usually through a script on the web server. The vulnerability occurs due to the use of user-supplied input without proper validation. This can lead to code execution on the web server.
The main cause is the use of unvalidated external variables. Most notable is the include statement.
The vulnerable code looks like:
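
An added example, not the original post's code: the typical vulnerable include pattern shown beside an allow-list fix. The `page` parameter matches the URLs discussed in this post; the page names, the `pages/` directory and the `resolve_page` helper are hypothetical.

```php
<?php
// Added example. Page names, pages/ directory and resolve_page() are hypothetical.

// VULNERABLE pattern (left commented out so this file is safe to run):
//   include($_GET['page']);
// With allow_url_include=On, PHP fetches and executes whatever URL arrives
// in "page". With it Off, local paths such as ../ are still reachable.

// Hardened: user input only selects a key from a fixed allow-list and is
// never used as a path or URL itself.
const PAGES = [
    'home'    => 'home.php',
    'about'   => 'about.php',
    'contact' => 'contact.php',
];

function resolve_page($requested, string $baseDir): ?string
{
    // Arrays (?page[]=x) and other non-strings are rejected outright.
    if (!is_string($requested) || !array_key_exists($requested, PAGES)) {
        return null;
    }
    return $baseDir . DIRECTORY_SEPARATOR . PAGES[$requested];
}

// In a web request (hypothetical wiring):
//   $file = resolve_page($_GET['page'] ?? 'home', __DIR__ . '/pages');
//   if ($file === null) { http_response_code(404); exit; }
//   include $file;

// Defence in depth in php.ini: allow_url_include = Off

// Constructed sample inputs; run from the CLI to see each decision.
if (PHP_SAPI === 'cli') {
    $samples = ['about', '../', 'http://example.com/shell.txt', 'home.php', ['x']];
    foreach ($samples as $s) {
        $r = resolve_page($s, '/var/www/pages');
        printf("%-36s => %s\n", json_encode($s, JSON_UNESCAPED_SLASHES), $r ?? 'REJECTED');
    }
}
```

Only `about` resolves to a file; the traversal string, the remote URL, the raw filename and the array are all rejected because none is a key in the allow-list.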


To attack, what you do is search for a site:
Example: using the Google dork inurl:php?page=, or the URL should look something like:
Well, we won't find RFI-vulnerable sites these days; you may find 1 or 2 in a million, or maybe not. This is for educational purposes only, but I will be explaining it to you with screenshots.

Step 1: Find the vulnerable site.
Then place ../ at the end of the URL (remove the content in page=) like this:

If it shows some kind of error like:

Warning: file(../) [function.file]: failed to open stream: Permission denied in\\systemname\users\ in line.

Then it is vulnerable to RFI.
Sometimes, if you are lucky, you can check directly by inserting another URL.

That's it. Now, to take over this site, all you need is a shell. A shell is like an unauthorized backdoor control panel for a website, and it should have the .txt extension.

(* I'm not responsible for any of your actions; for educational purposes only. *)

Now put in the URL like:

This shell.txt comes from another site which you have already hacked and uploaded the txt file to.

You will find something like this: tada!

