From LFI to Shell: Curl + Netcat Strike (Practical Example on BT5 r3)

How to exploit a Local File Inclusion (LFI) using just curl and netcat. After installing a Tiny Core VM on Backtrack 5, launching HTTP + SSH services and creating a vulnerable PHP file, the default 644 permissions of /var/log/auth.log on BT5 allows a dangerous log injection used to gain a shell on the system.

Don’t learn to HACK, hack to LEARN.

Leave a Reply

Your email address will not be published. Required fields are marked *