Mirrors/bugbounty-cheatsheet
2
0
Fork 0
mirror of https://github.com/EdOverflow/bugbounty-cheatsheet.git synced 2024-11-24 20:13:06 +00:00
Code Issues Projects Releases Packages Wiki Activity

Update lfi.md

Browse source
This commit is contained in:
streaak 2017-10-05 00:08:11 +05:30 committed by GitHub
parent c5af328c78
commit 03760028e2
1 changed files with 7 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
cheatsheets/lfi.md
View file

@ -35,3 +35,10 @@ _Steps to reproduce_
5. Play the uploaded AVI via the target site. If successful, your desired file will be disclosed within the video.
Alternative scripts exist which may generate different HLS formats or lead to the desired file being disclosed in a different manner.
**Blogs**
* http://pastie.org/840199
* http://websec.wordpress.com/2010/02/22/exploiting-php-file-inclusion-overview/
* http://www.notsosecure.com/folder2/2010/08/20/lfi-code-exec-remote-root/?utm_source=twitterfeed&utm_medium=twitter
* http://labs.neohapsis.com/2008/07/21/local-file-inclusion-%E2%80%93-tricks-of-the-trade/
* http://www.digininja.org/blog/when_all_you_can_do_is_read.php