Doubt regarding Local File Inclusion(PHP Knowledge enough) - Web Application Security

XinR

Let this be the LFI Vulnerable script

<?php<br /> $file = str_replace('../', '', $_GET['file']);
if(isset($file))
{
include("pages/$file");
}
else
{
include("index.php");
}
?>

And we pass
http://example.com/index.php?file=..%2F..%2F..%2F..%2Fetc%2Fpasswd to attack

But how exactly is the file included now? Wont the scipt now be equivalent so that $file = ..%2F..%2F..%2F..%2Fetc%2Fpasswd

Only browser knows 2F = '/' so how can server include the file? HOw does it exactly understands it??

Danks>

Xin R

Mr. P-teo

Its a good tutorial, but there should be no breakline within the php tags as this would just error.

Howdy, Stranger!

Top Posters

Who's Online (0)