Remote File Inclusion Vulnerabilities – Discovery & Exploitation – zSecurity

This topic has 1 reply, 2 voices, and was last updated 9 months, 2 weeks ago by diego.

Viewing 2 posts - 1 through 2 (of 2 total)

Author
Posts
August 10, 2021 at 9:00 am #57509
Olieve
Participant
I am watching the website hacking course. At the section of “Remote File Inclusion Vulnerabilities – Discovery & Exploitation”, I wonder why “reverse.text” file is executed as a php file at the target server because it is not .php file. I hope someone teach me ! thanks.
August 10, 2021 at 5:47 pm #57523
diego
Moderator
Hi!
It works because it contains php code and the server is not restricting execution on any file type. So this will also depend on the configuration of the server but it’s something that is worth to try.
Greetings!
Diego
Author
Posts

Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.