Home Unlabelled How to Exploit Remote File Inclusion to Get a Shell

How to Exploit Remote File Inclusion to Get a Shell

By
Monday, September 10, 2018
Read
Add Comment

A simple security flaw can allow an attacker to gain a strong foothold with little effort on their part. When a web application permits remotely hosted files to be loaded without any validation, a whole can of worms is opened up, with consequences ranging from simple website defacement to full-on code execution. For this reason, RFI can be a promising path to obtaining a shell. Today, we will be using DVWA, a vulnerable web application included with the Metasploitable 2 virtual machine, as the target. Kali Linux and the Metasploit Framework will serve as the tools of attack. What Is RFI... more



from WonderHowTo https://ift.tt/2wVYPsJ
via IFTTT
Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us