AlbusSec:- Penetration-List 04 File Inclusion — Sample

Hello Members, I hope that you liked the Penetration-List Project, so I worked hard to complete it. First, I will introduce myself: I’m Aniket Tyagi, an Information Technology officer at the 5f eco foundation of India, an Information Security Researcher, and the founder of Albus Security. Today’s article covers a very controversial topic, because all bug bounty hunters think that file inclusion is easy to learn, but it is hard to find. We will learn lots of things about File Inclusion in today’s article. Without further ado, let’s get started.

File Inclusion:-

A File Inclusion vulnerability lets an attacker read sensitive information or inject arbitrary commands using files stored on the web server or files hosted on an external server. This type of vulnerability arises in web applications: the web application executes a file without sanitizing the input that names it. This misconfiguration allows an attacker to manipulate local files hosted on the server, known as Local File Inclusion (LFI), and to include other files from an external domain, known as Remote File Inclusion (RFI).

  • What Local File Inclusion (LFI) and Remote File Inclusion (RFI) vulnerabilities are, and how to identify them within web applications
  • Basic LFI/ RFI Bypass
  • PHP Wrappers
  • Truncation LFI Bypass
  • RCE through RFI/LFI

Local File Inclusion:-

When an application includes files on a server, the attacker injects another file name and the server executes it without sanitizing the input.

For example, if you want to upload something from a website, the web server will call the function that leads you to the upload page and allows you to upload the data you want.

https://albussecurity.com/?page=uploader.php

Using an LFI vulnerability, the attacker changes the file name to send different data to the web server. So instead of uploading data, the attacker manipulates the server into executing a different function to get other sensitive data from the web server.

https://albussecurity.com/?page=/etc/passwd

Figure: Local File Inclusion

So the server executes the malicious file.

Remote File Inclusion:-

When an application includes files from an external server, the attacker injects their own malicious domain so that the malicious file is loaded from an external server, and the server executes it without sanitizing the input. Remote File Inclusion is very much like Local File Inclusion (LFI), with the difference that with Remote File Inclusion an attacker can include remote files from any external server. This means the attacker exploits the web server using scripts present on any server (not local files, as in the case of LFI).

For example, if you want to upload something from a website, the web server will call the function that leads you to the upload page and allows you to upload the data you want.

https://albussecurity.com/?page=uploader.php

Using an RFI vulnerability, the attacker changes the file name uploader.php into the URL http://google.com. So instead of uploading data, the attacker manipulates the server into executing a different function from any server.

https://albussecurity.com/?page=http://www.google.com

Figure: Remote File Inclusion

If the website is vulnerable to RFI, it loads the Google search engine. This means we can easily load other URLs into the target web server.
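The include pattern behind both the LFI and RFI cases above, next to a hardened version, as an added example that is not code from the original article. The page map, the pages/ directory and the resolve_page() helper are assumptions made for illustration.

```php
<?php
// Added example, not from the original article. PAGES, the pages/ directory
// and resolve_page() are hypothetical names chosen for illustration.

// Vulnerable pattern: the "page" parameter goes straight into include, so a
// local path or a URL in ?page= is honoured without sanitizing.
//   include $_GET['page'];

// Hardened form: the request value is only a lookup key into a fixed map.
const PAGES = [
    'uploader.php' => 'uploader.php',
    'home.php'     => 'home.php',
];

function resolve_page(string $requested, string $baseDir): ?string
{
    // 1. Allow-list: anything not in the map is rejected outright, which
    //    covers absolute paths, ../ sequences, URLs and php:// wrappers.
    if (!array_key_exists($requested, PAGES)) {
        return null;
    }
    // 2. Defence in depth: the resolved file must still sit under $baseDir,
    //    even if a mapped entry is later replaced by a symlink.
    $base = realpath($baseDir);
    $path = realpath($baseDir . DIRECTORY_SEPARATOR . PAGES[$requested]);
    if ($base === false || $path === false
        || strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $path;
}

// ?page[]=x arrives as an array, so only accept a string value.
$page = is_string($_GET['page'] ?? null) ? $_GET['page'] : 'home.php';
$file = resolve_page($page, __DIR__ . '/pages');
if ($file === null) {
    http_response_code(404);
    exit('Page not found');
}
// php.ini: allow_url_include = Off (the default) also stops URL includes.
include $file;
```

With this in place, both `?page=/etc/passwd` and `?page=http://www.google.com` return a 404 because neither value is a key in the map.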

We will learn the next topics in the upcoming article. Due to some circumstances I’m not able to write an article daily, but I try my best. Thank you for reading.
