jetlib.sec » The Exploitant » Uploading a shell to a website through Local File Inclusion [LFI to RCE]

Feeds

133337 items (0 unread) in 27 feeds

• 1337day (was: Inj3ct0r, 1337db)
• OSVDB Vulnerabilities
• Exploit-DB
• SecurityFocus Vulnerabilities
• Bugtraq
• Full Disclosure
• XSSed
• Packet Storm Security Headlines
• Packet Storm Security Advisories
• Packet Storm Security Exploits
• Packet Storm Security Recent Files
• Packet Storm Security Tools
• Packet Storm Security Misc. Files
• Sophos security news
• Sophos product advisories
• Penetration Testing
• SecuriTeam
• BackTrack Linux Forums
• Threatpost
• SecDocs
• carnal0wnage.attackresearch.com
• Carnal0wnage
• Kernel Fun
• Darknet
• The Exploitant
• Hack a Day
• Wirevolution

The Exploitant

• December 24, 2009
• 

  Uploading a shell to a website through Local File Inclusion [LFI to RCE]

  Posted: December 24th, 2009, 5:09pm PST by raykoid666

  Tags:   

  First of all, this is not my own work, i’m just spreading the word. Original article can be found here and full credit goes out to the original author. 1 – Introduction 2 – Finding LFI 3 – Checking if proc/self/environ is accessible 4 – Injecting malicious code 5 – Access our shell 6 – [...]