I am trying to exploit a local file inclusion vulnerability on a Solaris server for my security course. The server is running Apache2 through CoolStack. What is the file that I need to open? The examples I saw so far all used Linux.
Asked
Active
Viewed 1,263 times
-1
-
Welcome to IT Security! I think this question is too broad to be reasonably answerable in the SEI fashion. I would recommend reading through some of the other content on the site and then coming back with something more specific. – Scott Pack Oct 29 '12 at 13:33
1 Answers
1
You should read LFI to RCE. You need to be able to upload a file or populate a log file with a PHP tag and then include this file using the LFI vulnerability.
![](../../users/profiles/975.webp)
rook
- 46,916
- 10
- 92
- 181
-
thanks for the answer and the great paper but i konw that much, i just dont know what log file i need to populate because it is a solaris server. – flooringleveret Oct 29 '12 at 07:45