Your Ad Here

Local File Inclusion Tutorial - Written by Xasulrev

[- How to Find LFI Vulnerability -]

How to Find LFI Vulnerability, Well i use me of adding ..

Real World Examples:

Warning: main(...html): failed to open stream: No such
file or directory in /home/groups/j/je/jedit/htdocs/index.php
on line63

Warning: main(): Failed opening '...html' for
inclusion (include_path='.:/usr/local/share/pear')
in /home/groups/j/je/jedit/htdocs/index.php on line 63

This is not Vulnerable,
A Vulnerable should look like

Warning: include() [function.include]: Failed opening '...php' for
inclusion (include_path='.:/usr/share/pear')
in /home/shiner/ on line 62

include is the code , the script is using for example

$page = $_GET[page];

Should be [function.include]

$page = $_GET[page];

should be [function.require_once] or [function.require]

[- Find Example (Real) -]

Gives us.

Fatal error: require_once() [function.require]: Failed opening
required './..' (include_path='.:/:/usr/php/pear'
) in /indexm.php on line 164


So we know it Vulnerable

if Windows OS, you can just do

other try

until you get Something.

Posted by Cyber Trunks


Your Ad Here