Remote File Inclusion (RFI)

Description

Remote File Inclusion (RFI) is a vulnerability in which a web application passes untrusted input to a file-inclusion mechanism (in PHP, include, require and their _once variants), so that an attacker can make the server fetch and execute a file hosted at a URL under the attacker's control. A successful attack usually means remote code execution on the web server, from which the attacker can steal information from the affected server and take over the site, including changing its content.

Business Impact

The attacker's main purpose is to abuse the vulnerable inclusion mechanism so that the web application loads and executes a malicious file (for example, a backdoor web shell) from a remote URL on an origin the attacker controls. Nothing has to be uploaded to the target: the server fetches the file itself. The result is arbitrary code execution with the privileges of the web server process, which is typically followed by data theft, defacement or further movement into the hosting environment.

Recommendation

To prevent this vulnerability, never pass user-controlled input directly to include, require or similar functions. Validate the input against an allowlist of known page names and map each name to a file the application owns, rather than trying to filter out dangerous characters or URL schemes from a free-form value.

Additionally, make sure the PHP directive allow_url_include (a php.ini setting, not an Apache one) is set to Off so that include and require cannot load content from remote URLs; allow_url_fopen should also be Off unless the application genuinely needs it. This is defence in depth, not a fix: with remote includes disabled, unvalidated input can still be used to include local files (Local File Inclusion), so the input validation above is still required.

More Details

The following PHP code holds a remote file inclusion (RFI) vulnerability. It shows what happens "behind the scenes" when a programmer passes request input straight into include():

<?php
    // Vulnerable: the include target is taken directly from the request.
    // If the value is a URL to a file on an attacker-controlled host, PHP
    // fetches and executes it when allow_url_include is On; a local path
    // or stream wrapper is included regardless of that setting.
    $page = $_POST['page'];
    include($page);
?>
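Here is the hardened counterpart, as an added example that is not code from the original page: the vulnerable include is placed beside an allowlist-based version that answers both the "validate the input" and the "allow_url_include off" recommendations, plus a runtime check that the interpreter really has remote includes disabled. The page names, the pages/ directory and the sample inputs are assumptions made for illustration.

```php
<?php
// Added example, not from the original page. Page names, the pages/ directory
// and the sample inputs below are assumptions.

// Vulnerable: the include path comes straight from the request.
// A URL pointing at an attacker-controlled host is fetched and executed when
// allow_url_include=On; a local path is included even when it is Off.
function includeUnsafe(array $request): void
{
    include($request['page']);
}

// Hardened: map a short, user-visible name to a file the application owns.
// Anything not in the map is rejected, so no URL, path traversal sequence or
// stream wrapper from the request ever reaches include().
const PAGES = [
    'home'    => 'home.php',
    'about'   => 'about.php',
    'contact' => 'contact.php',
];

function resolvePage(string $name, array $pages = PAGES): ?string
{
    if (!isset($pages[$name])) {
        return null; // unknown key: deny rather than try to sanitise
    }
    return __DIR__ . '/pages/' . $pages[$name];
}

function includeSafe(array $request): void
{
    $file = resolvePage((string)($request['page'] ?? ''));
    if ($file === null) {
        http_response_code(404);
        exit('Unknown page');
    }
    include $file;
}

// Defence in depth: detect whether the interpreter still allows remote
// includes. Both directives are PHP_INI_SYSTEM, so they have to be fixed in
// php.ini (allow_url_include=Off, allow_url_fopen=Off); they cannot be
// changed with ini_set() from script code.
function remoteIncludesDisabled(): bool
{
    return !filter_var(ini_get('allow_url_include'), FILTER_VALIDATE_BOOLEAN)
        && !filter_var(ini_get('allow_url_fopen'), FILTER_VALIDATE_BOOLEAN);
}

// Demonstration with constructed inputs: only the allowlisted name resolves,
// the RFI payload, the traversal attempt and the stream wrapper are all rejected.
$samples = [
    'home',
    'http://attacker.example/shell.txt',
    '../../etc/passwd',
    'php://input',
];
foreach ($samples as $input) {
    printf("%-36s -> %s\n", $input, resolvePage($input) ?? 'rejected');
}
printf("remote includes disabled: %s\n", remoteIncludesDisabled() ? 'yes' : 'NO');
```

The allowlist is the actual fix: it turns a free-form path into a lookup key, so there is nothing to "filter". The ini check only reports misconfiguration; treat a "NO" as a deployment bug to fix in php.ini, not something to work around in code.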

Reference

https://www.imperva.com/learn/application-security/rfi-remote-file-inclusion/
