Questions tagged [lfi]
19 questions
0 votes, 1 answer
LFI to RCE through User-Agent
I'm doing a pentest on a FreeBSD machine running CuppaCMS. Already managed to log in to the CMS with admin privilege, but it only takes me to a manager menu, with some options to change some tables and stuff like that, no RCE visible escalation. So…
0 votes, 1 answer
How to Create file name with Slash in it for Path traversal attack?
Yes, I've read forums that say forward slash (/) is an invalid character in a file name since it is the file separator in Windows and *nix based machines. But without creating such an exploit file, I think attacks like ZipSlip won't be possible, isn't…
Subramanian
0 votes, 1 answer
Attack Web Forms DVWA to achieve LFI
Does anyone know how to hack DVWA (http://www.dvwa.co.uk) via submitting a form input like ../../../../../etc/passwd to expose the /etc/passwd of a given server?
Is there an endpoint to hit for this?
Thanks
JShee
0 votes, 1 answer
PHP LFI fix with the right file permissions
I'm trying to understand how to perform an LFI (specifically PHP LFI), and there is an aspect of this attack that seems to be never discussed in online articles I read: the injected file permissions.
Indeed, let's assume I can inject a file in the…
KJ202