mirror of
https://github.com/fuzzdb-project/fuzzdb.git
synced 2024-11-26 21:10:18 +00:00
.. | ||
common-ms-httpd-log-locations.fuzz.txt | ||
common-unix-httpd-log-locations.fuzz.txt | ||
JHADDIX_LFI.fuzz.txt | ||
README.md |
LFI - Local File Include attacks
To exploit an LFI bug, you need to be able to write code to a local file and call it from the include. HTTPD log files are a location that is typically writable.
common-unix-httpd-log-locations.fuzz.txt
- To exploit a lfi bug, you have to get code into a local file. This list contains a list of common unix logfile locations based on common packages formats.
common-windows-httpd-log-locations.fuzz.txt
- To exploit a lfi bug, you have to get code into a local file. This list contains a list of common windows logfile locations based on common packages formats.
For more details:
other tools: