Advanced Local and Remote File Inclusion - PHP Wrappers

8,497 views

Netsec Explained

2 years ago

OK so, it's kinda crazy. Ever since I started this channel, the most popular video by far has been the "Web Hacker Basics" video on local and remote file inclusion. So, with as popular as that video has gotten, I figured now would be the perfect time to revisit file inclusion and talk about how to exploit them using a real-world example.
Docker Labs
github.com/NetsecExplained/do...
Payloads all the Things
github.com/swisskyrepo/Payloa...
Cyber Chef
gchq.github.io/CyberChef/
Simple College Website
www.sourcecodester.com/php/14...

Comments: 16
@NetsecExplained 2 years ago
Thanks for watching! What topic would you like to see us cover next?
@tylerjimmy6946 1 month ago
Wonder why I haven’t come across this channel since!!! It took me 5 mins into the video for me to be a subscriber. I absolutely love this ❤️❤️❤️
@NetsecExplained 1 month ago
That means the world, thank you!
@bitfirewall 8 months ago
Not enough PHP devs fully appreciate how powerful file wrappers are ...
@blackoutzombies 2 months ago
Man I watched only this video and it was enough for me to subscribe, your content is awesome
@austinrhoads 1 year ago
Awesome! Thanks for the content!
@Cossaw 2 years ago
Love this channel
@unknown_exploit 7 months ago
Excellent Video!!
@oddandrandom5771 2 years ago
ty for the new video 🙏
@0xmkay 1 year ago
Thank you very much
@deidyomega 2 years ago
Great job, I'd be curious if you have anything similar for python, with either django, flask, or fastapi. In php it's common to include entire php files, whereas with python you usually go the other direction, modifying html files on the fly.
@NetsecExplained 2 years ago
You can't actually do this natively in Python. Python web applications load the entire application in memory. File inclusion requires application code to be imported into the application and executed that way. You can do it with scripts like ASP, JSP, and PHP files. You can also perform a variation of it using CGI scripts, but that gets into something else entirely.
@Ian-pe9rj 3 months ago
I’d love to see a video on how to prevent the exposure of the credentials. What methods are used to prevent this issue?
@NetsecExplained 3 months ago
To prevent the credential exposure in here, you should follow standard security practices. Never write credentials in any file on disk. Instead, use an environment variable or something like HashiCorp Vault as your secrets manager. The application should make a request to the vault to grab the credentials it needs.
@waltwilliams6012 5 months ago
If I am running all my PHP code on the back end calling it through JavaScript's fetch function, it appears that I am not subject to this particular vulnerability. I have zero PHP code in my HTML file.
@NetsecExplained 5 months ago
I'm not sure what you mean by this, but the vulnerability lies with the fact that user provided input is used in an `include();` statement. As long as you don't have that (or require, or require_once, etc.) then you're good!
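
The point made in the last reply, as an added example that is not from the video or the channel: instead of passing request input to `include`, the request value only selects a key in a fixed map. `PAGES`, `resolve_page` and the temporary directory layout are hypothetical names chosen for this sketch.

```php
<?php
declare(strict_types=1);

// Allowlist: request values are only keys; file names come from this map.
// Page names and layout are assumptions for this example.
const PAGES = ['home' => 'home.php', 'courses' => 'courses.php'];

// Returns the absolute path to include, or null if the request is rejected.
function resolve_page(string $requested, string $baseDir): ?string
{
    // Exact key match only: traversal sequences, wrapper URLs and absolute
    // paths are not keys in PAGES, so they never reach the filesystem.
    if (!array_key_exists($requested, PAGES)) {
        return null;
    }
    $base = realpath($baseDir);
    if ($base === false) {
        return null;
    }
    // Defence in depth: the resolved file must exist inside $baseDir.
    $path = realpath($base . DIRECTORY_SEPARATOR . PAGES[$requested]);
    $prefix = $base . DIRECTORY_SEPARATOR;
    if ($path === false || strncmp($path, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $path;
}

// Constructed demo: a throwaway page directory and sample request values.
$dir = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'pages_' . bin2hex(random_bytes(4));
mkdir($dir);
foreach (PAGES as $name => $file) {
    file_put_contents($dir . DIRECTORY_SEPARATOR . $file, "<?php echo \"rendered $name\\n\";");
}

$samples = ['home', 'courses', '../../etc/passwd', 'php://filter/resource=home', 'admin'];
foreach ($samples as $input) {
    $path = resolve_page($input, $dir);
    if ($path === null) {
        echo "rejected: $input\n";   // a real app would answer 404 here
        continue;
    }
    include $path;
}

// Clean up the demo files.
array_map('unlink', glob($dir . DIRECTORY_SEPARATOR . '*.php'));
rmdir($dir);
```

Run from the CLI, the two allowlisted names render and the other three sample values are rejected before any file access happens.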