welcome to Cyber. Very I am Raymond Evans and I will be your subject matter expert for Cyber Aires. Web app penetration, testing course. In this video, we will be discussing Al, if I and R, if I or
remote file inclusion and local file inclusion so it will be covered. We're gonna talk about what is local file inclusion.
It was local file inclusion Look like why is it dangerous? We'll also look at what is remote file inclusion.
What does remote follow inclusion look like and why that's dangerous. So what is Al if I or local filing collision?
local file inclusion is a process of including files on a server through a browser. Simple terms allows you to view files on the server and in some cases, execute commands.
This could be used to first systems and gain access to files that she normally not be accessible. Basically, what this does is allows individuals thio, look through your system and rifle through your files. You would never know it that they're there.
It is easily executed
and is very, very hard to detect unless you have something like a
i d S r I P s intrusion detection intrusion prevention system with a signature written to identify this and the packets. So what exactly does it look like? Well, from the example here we see example dot com preview PHP question mark file equals
dot us slash slash slash slash Etc. Password. So what this is doing is it's looking
for a specific file type and the way that this was written this code on this Web pages, it just calls to the system and says, Hey,
open up this file. Not the best thing to do exactly. You know, if you're trying to find file equals home dot html for the home page.
the way that that structured it also allows anybody to just
the directory for whatever file that they wouldn't look at and in this fight directory here. So again, the etc password file
and able to get that information there. So why is local file inclusion dangerous? Exactly, Well, local fire conclusion, As I said before, it could be used to be able to access files.
If you have the ability to access files a user, this opens the door sensitive files the things like the etc Shadow file, which could be used to get password hash is and could be cracked. If the passwords are weak enough, you could also enumerates the SS H authorized keys, which could be used to gain access to A systems
And you could also look at the Lenox Network configuration vase gain more info about the internal networks.