Introduction
We covered file inclusion vulnerability both local and remote. We also explained methods of bypassing filters. This was part of TryHackMe Junior Penetration Tester.
This room aims to equip you with the essential knowledge to exploit file inclusion vulnerabilities, including Local File Inclusion (LFI), Remote File Inclusion (RFI), and directory traversal. Also, we will discuss the risk of these vulnerabilities if they’re found and the required remediation. We provide some practical examples of each vulnerability as well as hands-on challenges.
In some scenarios, web applications are written to request access to files on a given system, including images, static text, and so on via parameters. Parameters are query parameter strings attached to the URL that could be used to retrieve data or perform actions based on user input.
Answers
In Lab #2, what is the directory specified in the include function?
Which function is causing the directory traversal in Lab #4?
Try out Lab #6 and check what is the directory that has to be in the input field?
Capture Flag2 at /etc/flag2
Capture Flag3 at /etc/flag3
Gain RCE in Lab #Playground /playground.php with RFI to execute the hostname command. What is the output?
Video Walk-through
I need your shell.php file, can you give it to me? thanks
https://github.com/pentestmonkey/php-reverse-shell/blob/master/php-reverse-shell.php