|=--------------------------------------------------------------------=|
|=-----------=[ LFI to RCE Exploit with Perl Script ]=------------=|
|=-------------------=[ 7 December 2008 ]=----------------------=|
|=---------------=[ By CWH Underground ]=--------------------=|
|=--------------------------------------------------------------------=|
######
Info
######
Title : LFI to RCE Exploit with Perl Script
Author : ZeQ3uL && JabAv0C
Team : CWH Underground [www.milw0rm.com/author/1456]
Website : cwh.citec.us / www.citec.us
Date : 2008-12-07
##########
Contents
##########
[0x00] - Introduction
[0x01] - File Inclusion (RFI/LFI)
[0x01a] - How the attack works for Remote File Inclusion [RFI]
[0x01b] - How the attack works for Local File Inclusion [LFI]
[0x01c] - Vulnerable PHP Function for File Inclusion
[0x02] - Local File Inclusion To Remote Command Execution [LFI <> RCE]
[0x02a] - LFI <> RCE via Apache Log Injection
[0x02b] - LFI <> RCE via Process Environ Injection
[0x02c] - LFI <> RCE via Other Files
[0x03] - Fundamental of Perl Library for Exploit Website
[0x03a] - Introduction to Socket
[0x03b] - Introduction to Library for WWW in Perl (LWP)
[0x03c] - Condition to use Socket or LWP
[0x04] - Writing LFI <> RCE Exploit with Perl Script
[0x04a] - Perl Exploit to Injecting code into Target
[0x04b] - Perl Exploit to Executing injected code on Target
[0x04c] - LFI <> RCE Complete Exploit [Use Logfile Injection]
[0x05] - How to protect File Inclusion
[0x06] - References
[0x07] - Greetz To
----------------------------------------------------
Download:
**Hidden Content: To see this hidden content your post count must be 10 or greater.**