[Tut] LFI php://filter/read Source Code

Yeah..many Techniques that We can exploit from LFI Vulnerabilty.Ok before Next read..You could read my posting about Technique upload Shell Via Tamper data LFI Exploitation /proc/self/environ No I tell you exploitation in LFI vulnerabilty using php://filter/read=convert.base64-encode/resource= This exploit goals to read the source of file in that Vulnerable Website...

Read More

[Tut] Local File Inculusion / LFI (/proc/self/environ)

LFI (Local File Inclusion) What is LFI or Local File Inclusion? This Description from Wikipedia is the process of including files on a server through the web browser. This vulnerability occurs when a page include is not properly sanitized, and allows directory traversal characters to be injected Example of Php Vulnerable script <?php $file = $_GET['file']; if(isset($file)) { include("pages/$file"); } else { include("index.php"); } So...

Read More