[WEB SECURITY] Insomnia: Whitepaper - LFI With PHPInfo Assistance

MustLive mustlive at websecurity.com.ua
Fri Sep 30 14:27:40 EDT 2011


Hello Brett!

LFI is interesting vulnerability (including in PHP web applications) and
there are known many methods of their exploitation. And Gynvael Coldwind
have added one more method.

Both Gynvael's and yours papers are interesting. With your work you showed
that phpinfo scripts are dangerous not just because of Information Leakage
and XSS (in PHP < 4.4.1, 4.4.3-4.4.6), but also as vector of exploitation of
LFI holes (if there are such ones at web site). Good work.

Best wishes & regards,
MustLive
http://soundcloud.com/mustlive

Brett Moore brett.moore at insomniasec.com
Mon Sep 5 21:28:45 EDT 2011

> ___________________________________________________________________
>
> Insomnia Security :: LFI With PHPInfo Assistance
> ___________________________________________________________________
>
> Name: LFI With PHPInfo Assistance
> Released: 06 September 2011
> Author: Brett Moore, Insomnia Security
> Original Link:
> http://www.insomniasec.com/releases/whitepapers-presentations
> ___________________________________________________________________
>
> Whitepaper explaining how PHPInfo can be used to assist with the
> exploitation of LFI vulnerabilities on PHP when combined with the
> file upload handling feature that is enabled by default.
>
> The research in this whitepaper is an extension of the published
> work by Gynvael Coldwind in the paper "PHP LFI to arbitratry code
> execution via rfc1867 file upload temporary files"
> ___________________________________________________________________






More information about the websecurity mailing list