Saturday, May 12, 2012

Local File Include with Access log

My demo for Local File Include. If you can not found any file contain mailicous code on server, you can use access log to inject malicious code. Note: If you send url by web browser, url will be encoded. So, you must send direct url to server to write code to access log.

Thanks for reading
Security Research
All my Lab:
Linux Lab -- window and Cisco Lab
to be continued - I will update more.

No comments:

Install Xposed Inspector and Frida on Genymotion

Today i had some work with android. So i need trace application. I found 2 nice tool can help me: Xposed Inspector and Frida. To setup ther...