|=--------------------------------------------------------------------=|
|=-----------=[ LFI to RCE Exploit with Perl Script ]=------------=|
|=-------------------=[ 7 December 2008 ]=----------------------=|
|=---------------=[ By CWH Underground ]=--------------------=|
|=--------------------------------------------------------------------=|


######
Info
######

Title : LFI to RCE Exploit with Perl Script
Author : ZeQ3uL && JabAv0C
Team : CWH Underground [www.milw0rm.com/author/1456]
Website : cwh.citec.us / www.citec.us
Date : 2008-12-07


##########
Contents
##########

[0x00] - Introduction

[0x01] - File Inclusion (RFI/LFI)

[0x01a] - How the attack works for Remote File Inclusion [RFI]
[0x01b] - How the attack works for Local File Inclusion [LFI]
[0x01c] - Vulnerable PHP Function for File Inclusion

[0x02] - Local File Inclusion To Remote Command Execution [LFI <> RCE]

[0x02a] - LFI <> RCE via Apache Log Injection
[0x02b] - LFI <> RCE via Process Environ Injection
[0x02c] - LFI <> RCE via Other Files

[0x03] - Fundamental of Perl Library for Exploit Website

[0x03a] - Introduction to Socket
[0x03b] - Introduction to Library for WWW in Perl (LWP)
[0x03c] - Condition to use Socket or LWP

[0x04] - Writing LFI <> RCE Exploit with Perl Script

[0x04a] - Perl Exploit to Injecting code into Target
[0x04b] - Perl Exploit to Executing injected code on Target
[0x04c] - LFI <> RCE Complete Exploit [Use Logfile Injection]

[0x05] - How to protect File Inclusion

[0x06] - References

[0x07] - Greetz To

----------------------------------------------------

Download:
**Hidden Content: To see this hidden content your post count must be 10 or greater.**