Local File Inclusion to Remote Code Execution
Uzma Sheikh, Dr. Ravi Sheth
LFI, RCE, RFI, Local file inclusion in a web app, Remote code execution in a web app, LFI to RCE.
Web applications are designed to present to any user with a web browser a system-independent interface to some dynamically generated content. By my analysis over the last several years, web applications and their importance have increased. Simultaneously of growing web applications, the quantity and impact of security vulnerabilities in such applications have grown as well. The application may be designed with the acceptance that users will only enter valid data as the programmer deliberate, in terms of both data and ways of entering input. However, if the user's input is not handled properly, serious security problems can eventuate. There are possible separate methods that can be used to trigger the execution of code on both the client and the server-side. LFI attack reveals the sensitive information of the server by simply adding some extra payloads in URLs or requests. LFI attacks lead to password files configuration files and some of the sensitive files of the systems. RCE execute/upload malicious script in the server that leads to the access control of the system. In this paper, we show how we can perform RCE through LFI.
Article Details
Unique Paper ID: 149766

Publication Volume & Issue: Volume 7, Issue 1

Page(s): 533 - 536
Article Preview & Download

Share This Article

Conference Alert


International conference on Management, Science, Technology, Engineering, Pharmact and Humanities.

Go To Issue

Call For Paper

Volume 8 Issue 4

Last Date 25 September 2021

About Us

IJIRT.org enables door in research by providing high quality research articles in open access market.

Send us any query related to your research on editor@ijirt.org

Social Media

Google Verified Reviews

Contact Details

Email: editor@ijirt.org
Website: ijirt.org