LOGIN
CONTACT SALES
LOGIN
CONTACT SALES

Remote File Inclusion (RFI)

Description

During the scan, Cytrix managed to find that an external, malicious files could be loaded.
That, might lead to Remote File Inclusion (RFI) attacks. The purpose of an RFI attack is stealing information from affected servers and taking over the site that allows content to be changed.

The attacker’s main purpose is to exploit the vulnerable mechanism found in the web application. He abuses it to upload malicious files from a remote URL located in another origin. (for example : backdoor shells)

This is an example of a PHP code that holds an RFI vulnerability. The following source code display what is occurring “behind the scenes” when a programmer writing a code holding RFI vulnerability :

<?php$page = $_POST['page'];

include($page);

?>

Recommendation

To prevent this vulnerability from occurring in the future, the user input must be verified and filtered correctly. Additionally, if the server is on Apache, make sure that allow_url_include is off so that it will not be possible to load content from any external URLs.

References

https://www.imperva.com/learn/application-security/rfi-remote-file-inclusion/

< Return to all Vulnerabilities

Request a Demo

SQLI to RCE

How to preform SQLI TO RCE? One of the most interesting and important things about any site is the database. So, it’s important to protect

Read More »

Crossing Scripts – XSS

Injections. SQL Injections. Cross-site Scripting (hence the amazing title “Crossing Scripts – XSS”). There all sorts of Injection-Based attacks, if you want to read about

Read More »

Explaining API

We’ve talked about API’s Vulnerability in here, but i feel like there’s much more to talk about and explain since this is a big and

Read More »
Facebook Linkedin

Company

Resources

Docs

Latest posts

PING US
Facebook Linkedin