|
|
|
|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 115
Members: 0
Total: 115
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
RFI tutorial help |
|
Posted: Sun Aug 16, 2009 10:11 pm |
|
|
shadowhound |
Advanced user |
|
|
Joined: Aug 08, 2009 |
Posts: 57 |
|
|
|
|
|
|
|
ive done the IPB forum hacking i did that for 2 weeks now im bored of phoning the owner up and making them annoyed and ive used SQL injection on normal websites
im just wondering anyone got any decent tuts and vids on RFI, 1 more thing can i gain a full system shell if i use RFI ? thank you |
|
|
|
|
Posted: Sun Aug 16, 2009 11:38 pm |
|
|
lenny |
Valuable expert |
|
|
Joined: May 15, 2008 |
Posts: 275 |
|
|
|
|
|
|
|
You can certainly get a good foothold on a server if you find a successful RFI vulnerability. Assuming you are looking for RFI exploits on a PHP driven website, ou can use RFI to include a "shell" script such as the C99 shell or any other php script to gain command-line level access to the server with the same privileges as the web server user. I would suggest the first step is to look for local file inclusion vulnerabilities before you start to look for remote exploits - thats just my two cents |
|
|
|
|
Posted: Fri Oct 09, 2009 1:59 pm |
|
|
Mooka91 |
Advanced user |
|
|
Joined: Aug 15, 2009 |
Posts: 73 |
|
|
|
|
|
|
|
|
|
|
|
www.waraxe.us Forum Index -> Remote file inclusion
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|