Impact
Impact can differ based on the exploitation and the read permission of the web server user. Depending on these factors, an attacker might carry out one or more of the following attacks:
- Gather usernames via the /etc/passwd file
- Harvest useful information from log files such as /apache/logs/error.log or /apache/logs/access.log
- Directly run commands by using functions like "echo" to create script files
Required Skills for Successful Exploitation
Significant attacking skills are required because there is no tool or automated way to exploit this type of vulnerability. The attack consists of three phases: detecting the vulnerability, then finding malicious code on the targeted system (or, if possible, creating it, for example by uploading an image), and finally including that code via the identified vulnerability to run it. Generally the attacker needs to find the physical path of the server access logs, upload an image to the server, or abuse /proc/self/ functionality on Linux systems where possible.
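From the defender's side, the targets named above (/etc/passwd, server log files, /proc/self/) leave recognisable traces in access logs. The following is an added example, not part of the original post: it scans log lines for requests whose query string references those targets after undoing nested percent-encoding. The Common/Combined Log Format, the sample lines, the parameter names and the category labels are assumptions of this example.

```python
import re
from urllib.parse import unquote, urlsplit

# File targets named in the text above; the category labels are this example's own.
TARGETS = [
    ("account-file", re.compile(r"/etc/(passwd|group)\b")),
    ("server-log", re.compile(r"/logs?/(access|error)[._]log\b")),
    ("proc-self", re.compile(r"/proc/self/")),
]
TRAVERSAL = re.compile(r"(^|[/=])\.\.(/|$)")
# Common/Combined Log Format: client ident user [time] "METHOD target PROTO" status size
LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "\S+ (\S+) [^"]*" (\d{3}) ')

def decode_fully(value, max_rounds=3):
    """Undo nested percent-encoding (%252e -> %2e -> '.'), bounded to max_rounds."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value.replace("\\", "/")

def classify(target):
    """Return sorted LFI indicators found in the query string of a request target."""
    query = decode_fully(urlsplit(target).query)
    hits = {name for name, rx in TARGETS if rx.search(query)}
    if TRAVERSAL.search(query):
        hits.add("traversal")
    return sorted(hits)

def scan(lines):
    """Return (client, status, indicators) for every log line with an indicator."""
    findings = []
    for line in lines:
        m = LINE.match(line)
        if m and (hits := classify(m.group(2))):
            findings.append((m.group(1), int(m.group(3)), hits))
    return findings

# Constructed sample lines (documentation addresses, hypothetical paths and parameters).
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Oct/2023:13:55:36 +0000] "GET /index.php?page=..%2f..%2fetc%2fpasswd HTTP/1.1" 200 1843',
    '203.0.113.7 - - [10/Oct/2023:13:56:02 +0000] "GET /index.php?page=/apache/logs/access.log HTTP/1.1" 200 90211',
    '198.51.100.4 - - [10/Oct/2023:14:01:10 +0000] "GET /view?file=%252e%252e%252fproc%252fself%252fstatus HTTP/1.1" 404 512',
    '192.0.2.15 - - [10/Oct/2023:14:02:44 +0000] "GET /index.php?page=about&ref=v1..2 HTTP/1.1" 200 5120',
]

if __name__ == "__main__":
    for client, status, hits in scan(SAMPLE_LOG):
        # A 2xx status on a flagged request means the file may have been served.
        print(client, status, ",".join(hits))
```

Only query strings are inspected; inclusion parameters sent in POST bodies or cookies do not appear in access logs and need application-level logging to be seen.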
XSS.CX Local File Inclusion 1-2-3 Step Process to Executing LFI Exploit Proof of Concept:
Local File Inclusion Exploit Instructions: 3 Step Manual Process
Step 1 - Harvest /etc/passwd
Having found a vulnerable web application, craft a URL that will display /etc/passwd, /etc/group, etc.
Step 2 - Display a System Log File
Step 3 - Create a Local File; Include in URL
LFI Exploit Completed