Remote & Local File Inclusion RFI LFI
Remote & Local File Inclusion (RFI/LFI) - Low Security Level
Solution:
Step 1. Click on Go an output will be displayed and the url will change
From: http://10.0.2.4/bWAPP/rlfi.php
To : http://10.0.2.4/bWAPP/rlfi.php?language=lang_en.php&action=go
Step 2. In the url remove lang_en.php and replace it with payload ../../../etc/passwd
*For more details please refer lesson:
Directory Traversal - Files - Low security Level - url
• Directory Traversal - Files
Click enter on your keyboard and check the output on the lesson page
Step 3. Click on the back page button and in the url remove lang_en.php and replace it with
http://google.com
Click enter on your keyboard and check the output on the lesson page.
PseudoTime
