Gupta Bless

Jul 18, 2020

4 min read

Exploiting Local File Inclusion (LFI) Using PHP Wrapper

IN my previous blog related to LFI, I already discussed some basic steps to achieve LFI. Now in this blog I am explaining how we can achieve LFI is there is any input filtration on the server side.

Aim: Our aim is to find admin account password of the website.

There are three tabs in the web application.

· Home

· CV

· Contact

When we click on “home” tab, home variable travel in URL with page parameter. Same…

--

--

More from Gupta Bless

Security enthusiast working to secure web for others.

Recommended from Medium

Feyza DERİNOĞLU

SAP ABAP — Logical Operators

DeshDeepakDhobi (DD)

How to Publish a ChatBot in AWS Lex V2 using Versions and Aliases?

Murexologist

User Screenset insights

Dan Peachey

in

Google Cloud - Community

Centrally Managing Artifact Registry Container Image Vulnerabilities on Google Cloud: Part One

Wouter

Quickfix: The target process exited without raising CoreCLR started event (.Net Core)

Zain Ahmad

in

Analytics Vidhya

plotting multiple figures with live data using Dash and Plotly

Jagrati Modi

Create Web API with ASP.NET Core

Abdulfatai Jimoh

Andela’s Fellowship Request-Processing Pipeline: Error Handling Logic

AboutHelpTermsPrivacy

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Gupta Bless

Gupta Bless

952 Followers

Security enthusiast working to secure web for others.

Help

Status

Writers

Blog

Careers

Privacy

Terms

About

Text to speech