Part 1 - LFI & RFI

Video Activity

This lesson offers a brief introduction into Local File Inclusion (LFI) and Remote File Inclusion (RFI) and will cover the following: 1. What is LFI 2. What does LFI look like? 3. Why is LFI dangerous? 4. What is RFI? 5. What does RFI look like and why is it dangerous?

Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
4 hours 20 minutes
Difficulty
Intermediate
CEU/CPE
5
Video Description

This lesson offers a brief introduction into Local File Inclusion (LFI) and Remote File Inclusion (RFI) and will cover the following: 1. What is LFI 2. What does LFI look like? 3. Why is LFI dangerous? 4. What is RFI? 5. What does RFI look like and why is it dangerous?

Video Transcription
00:04
welcome to Cyber. Very I am Raymond Evans and I will be your subject matter expert for Cyber Aires. Web app penetration, testing course. In this video, we will be discussing Al, if I and R, if I or
00:16
remote file inclusion and local file inclusion so it will be covered. We're gonna talk about what is local file inclusion.
00:23
It was local file inclusion Look like why is it dangerous? We'll also look at what is remote file inclusion.
00:31
What does remote follow inclusion look like and why that's dangerous. So what is Al if I or local filing collision?
00:38
Well,
00:38
local file inclusion is a process of including files on a server through a browser. Simple terms allows you to view files on the server and in some cases, execute commands.
00:50
This could be used to first systems and gain access to files that she normally not be accessible. Basically, what this does is allows individuals thio, look through your system and rifle through your files. You would never know it that they're there.
01:03
It is easily executed
01:06
and is very, very hard to detect unless you have something like a
01:12
i d S r I P s intrusion detection intrusion prevention system with a signature written to identify this and the packets. So what exactly does it look like? Well, from the example here we see example dot com preview PHP question mark file equals
01:30
dot us slash slash slash slash Etc. Password. So what this is doing is it's looking
01:34
for a specific file type and the way that this was written this code on this Web pages, it just calls to the system and says, Hey,
01:44
open up this file. Not the best thing to do exactly. You know, if you're trying to find file equals home dot html for the home page.
01:55
Well,
01:56
the way that that structured it also allows anybody to just
02:00
put
02:00
the directory for whatever file that they wouldn't look at and in this fight directory here. So again, the etc password file
02:08
and able to get that information there. So why is local file inclusion dangerous? Exactly, Well, local fire conclusion, As I said before, it could be used to be able to access files.
02:19
If you have the ability to access files a user, this opens the door sensitive files the things like the etc Shadow file, which could be used to get password hash is and could be cracked. If the passwords are weak enough, you could also enumerates the SS H authorized keys, which could be used to gain access to A systems
02:38
the S S H.
02:40
And you could also look at the Lenox Network configuration vase gain more info about the internal networks.
Up Next
Instructed By