AlbusSec:- Penetration-List 04 File Inclusion — Sample
Hello Members, I hope that you liked the Penetration-List Project; I have worked hard to complete it. First, I will introduce myself: I’m Aniket Tyagi, an Information Technology officer at the 5f eco foundation of India, an Information Security Researcher, and the founder of Albus Security. Today’s article covers a very controversial topic, because all bug bounty hunters think that file inclusion is easy to learn but hard to find. We will learn a lot about File Inclusion in today’s article. Without further ado, let’s get started.
File Inclusion:-
A File Inclusion vulnerability lets an attacker read sensitive information or inject arbitrary commands by using files stored on the web server or files hosted on an external server. The vulnerability arises in the web application itself: the application executes a file without sanitizing the input that names it. This misconfiguration allows an attacker to manipulate local files hosted on the server, known as Local File Inclusion (LFI), or to include files from an external domain, known as Remote File Inclusion (RFI).
- What Local File Inclusion (LFI) and Remote File Inclusion (RFI) vulnerabilities are, and identifying LFI and RFI vulnerabilities within web applications
- Basic LFI/RFI Bypass
- PHP Wrappers
- Truncation LFI Bypass
- RCE through RFI/LFI
Local File Inclusion:-
When an application includes files stored on the server, an attacker can inject a different file name, and the server will execute it without sanitizing the input.
For example, if you want to upload something from a website, the web server calls the function that leads you to the upload page and allows you to upload the data you want.
https://albussecurity.com/?page=uploader.php
Using an LFI vulnerability, the attacker changes the file name to send different data to the web server. So instead of uploading data, the attacker manipulates the server into executing a different function to get other sensitive data from the web server.
https://albussecurity.com/?page=/etc/passwd
So, the server executes the malicious file.
Remote File Inclusion:-
When an application includes files from an external server, an attacker can inject their own malicious domain so that a malicious file is loaded from that external server, and the server will execute it without sanitizing the input. Remote File Inclusion is very much like Local File Inclusion (LFI), with the difference that with Remote File Inclusion an attacker can include remote files from any external server. This means the attacker exploits the web server using scripts present on any server (not local files, as in the case of LFI).

For example, if you want to upload something from a website, the web server calls the function that leads you to the upload page and allows you to upload the data you want.
https://albussecurity.com/?page=uploader.php
Using an RFI vulnerability, the attacker changes the file name uploader.php into a URL, http://google.com. So instead of uploading data, the attacker manipulates the server into executing a different function from any server.
https://albussecurity.com/?page=http://www.google.com
If the website is vulnerable to RFI, it loads the Google search engine. This means we can easily load other URLs into the target web server.
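The fix for both the LFI and the RFI case above is to stop treating the `page` parameter as a path. The following is an added example, not code from the original article or from Albus Security: it assumes PHP 8, and the allow-list, the `resolve_page` function and the temporary pages directory are hypothetical names chosen for illustration.

```php
<?php
declare(strict_types=1);

// Vulnerable pattern the article describes (shown only for contrast):
//     include $_GET['page'];   // ?page=/etc/passwd or ?page=http://... reaches include

// Hypothetical allow-list: public ?page= value => file name fixed by the developer.
const ALLOWED_PAGES = [
    'uploader.php' => 'uploader.php',
    'home.php'     => 'home.php',
];

/** Return the absolute path to include, or null when the request must be rejected. */
function resolve_page(string $requested, string $pagesDir): ?string
{
    // 1. The input only selects an allow-list entry; it is never used as a path or URL.
    if (!array_key_exists($requested, ALLOWED_PAGES)) {
        return null;
    }
    // 2. Defence in depth: canonicalise and require the result to sit inside $pagesDir
    //    (catches a symlink or a bad allow-list entry).
    $base = realpath($pagesDir);
    $path = realpath($pagesDir . DIRECTORY_SEPARATOR . ALLOWED_PAGES[$requested]);
    if ($base === false || $path === false || !is_file($path)) {
        return null;
    }
    return str_starts_with($path, $base . DIRECTORY_SEPARATOR) ? $path : null;
}

// --- Demo on constructed input (runs offline from the CLI) ---
$pagesDir = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'fi_demo_pages';
if (!is_dir($pagesDir)) {
    mkdir($pagesDir, 0700, true);
}
file_put_contents($pagesDir . DIRECTORY_SEPARATOR . 'uploader.php', "<?php echo 'upload form';\n");
file_put_contents($pagesDir . DIRECTORY_SEPARATOR . 'home.php', "<?php echo 'home';\n");

// The three ?page= values from the article, plus one unknown page name.
$samples = ['uploader.php', '/etc/passwd', 'http://www.google.com', 'missing.php'];
foreach ($samples as $value) {
    $path = resolve_page($value, $pagesDir);
    printf("%-24s => %s\n", $value, $path === null ? 'rejected (respond 404)' : 'include ' . $path);
}

// RFI additionally depends on this php.ini switch; it should be off ("0" or "").
printf("allow_url_include = %s\n", var_export(ini_get('allow_url_include'), true));
```

Only `uploader.php` resolves to a path; the other three values never reach `include` because they are not keys in the allow-list.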
We will learn the next topics in the upcoming article. Due to some circumstances I’m not able to write an article daily, but I try my best. Thank you for reading.