I'm trying to make a page in php with a local file inclusion vulnerability.
I want to be able to do: http://url/index.php?page="whatever"
Now I tried making an array with variables and that wasn't what I wanted.
I tried using include('file');
I'm just trying to set this vulnerability up on my own server so i can play around with it. It's just not the same with wargame servers.
So any help is apreciated. I haven't coded in php until about 20 minutes ago (or any server sided language) so i have little idea what i'm trying to do.
I read part of a tutorial and played with some code but i'm just not sure how to make this vulnerability.
Create vulnerability
- RNA
- suck-o-fied!
- Posts: 95
- Joined: 23 Nov 2006, 17:00
- 17
- Location: A bit to the right of null
- Contact:
Re: Create vulnerability
p99 wrote:I'm trying to make a page in php with a local file inclusion vulnerability.
I want to be able to do: http://url/index.php?page="whatever"
Now I tried making an array with variables and that wasn't what I wanted.
I tried using include('file');
I'm just trying to set this vulnerability up on my own server so i can play around with it. It's just not the same with wargame servers.
So any help is apreciated. I haven't coded in php until about 20 minutes ago (or any server sided language) so i have little idea what i'm trying to do.
I read part of a tutorial and played with some code but i'm just not sure how to make this vulnerability.
well for an include thing like that I think its something like this(php aint my main thing)
Code: Select all
<?php
$file = $_GET['page'];
include($file);
?>
$_GET['Name'] where Name is whatever the variable is called in the URL(in your case, page)
~RNA
- RNA
- suck-o-fied!
- Posts: 95
- Joined: 23 Nov 2006, 17:00
- 17
- Location: A bit to the right of null
- Contact:
you could make it parse .jpg files through php
Let me get you something on it
ok, had to dink with my httpd.conf file(didnt have allowoverride on >.<)
heres an example for my php gen sig:
in the folder its in I have in the .htaccess
instead of sig.png you could to *.jpg or whatever.
this means that the file will actually be passed through the PHP parser before going out to you, you actually are calling the URL of an image, it just gets parsed
you could have it log hits, do whatever
Let me get you something on it
ok, had to dink with my httpd.conf file(didnt have allowoverride on >.<)
heres an example for my php gen sig:
in the folder its in I have in the .htaccess
Code: Select all
<Files sig.png>
ForceType application/x-httpd-php
</Files>
this means that the file will actually be passed through the PHP parser before going out to you, you actually are calling the URL of an image, it just gets parsed
Code: Select all
rna.is-a-geek.com/phpstuffs/sig.png
rna.is-a-geek.con/phpstuffs/sig.phps
- RNA
- suck-o-fied!
- Posts: 95
- Joined: 23 Nov 2006, 17:00
- 17
- Location: A bit to the right of null
- Contact:
Including the picture that way would also force it to be parsed, same thing like
would include it after running all the code, so would
Code: Select all
include('sig.php');
Code: Select all
include('sig.png');