Mirrors/fuzzdb
2
0
Fork 0
mirror of https://github.com/fuzzdb-project/fuzzdb.git synced 2024-11-26 21:10:18 +00:00
Code Issues Projects Releases Packages Wiki Activity

Update README.md

Browse source
This commit is contained in:
Adam Muntner 2016-03-09 18:59:10 -05:00
parent 2f66b32d56
commit 83f7c51f01
1 changed files with 4 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
attack/lfi/README.md
View file

@ -3,15 +3,15 @@ LFI - Local File Include attacks
To exploit an LFI bug, you need to be able to write code to a local file and call it from the include. HTTPD log files are a location that is typically writable.
common-unix-httpd-log-locations.fuzz.txt
# To exploit a lfi bug, you have to get code into a local file. This list contains a list of common unix logfile locations based on common packages formats.
* To exploit a lfi bug, you have to get code into a local file. This list contains a list of common unix logfile locations based on common packages formats.
common-windows-httpd-log-locations.fuzz.txt
# To exploit a lfi bug, you have to get code into a local file. This list contains a list of common windows logfile locations based on common packages formats.
* To exploit a lfi bug, you have to get code into a local file. This list contains a list of common windows logfile locations based on common packages formats.
For more details:
http://www.wtfchan.org/~evil1/Web-Shells-rev2.pdf
* http://www.wtfchan.org/~evil1/Web-Shells-rev2.pdf
other tools:
fimap http://code.google.com/p/fimap/
* fimap http://code.google.com/p/fimap/