There are two types of File inclusion
Local and Remote
Example 1.
Below is an example of Local File Inclusion, Remote is also an option, however i will cover that in Example 2.
Example 2.
after a quick edit, it was good to go.
I used pythons inbuilt simplehttpserver hosting the script on my machine, and setup a simple netcat listener for it to connect back to.
Alas!
Remote File Include, a php-reverse-shell which connected back to my netcat listener.
I wont cover escalating, that is for another day.
For now a foothold will suffice =)
Thanks for reading.






 
No comments:
Post a Comment