Collaborate Disseminate
I’m writing functions for a Python package to register files from a file system to an SQL database, and GitHub’s CodeQL has flagged that the file paths are a potential security risk.
I have constructed a basic validator to make sure that o… Continue reading Validating file paths to satisfy GitHub CodeQL’s "Uncontrolled data used in path expression" alert [migrated]
I have found an arbitrary file upload vulnerability on a flask application that I was playing with that essentially allows me to append to any file (and create new ones) in the file system. The code that causes the vulnerability boils down… Continue reading Arbitrary File Upload Vulnerability
When I try to bypass the security configuration of Natas13 (http://natas13.natas.labs.overthewire.org/ A/P:natas13/lW3jYRI02ZKDBb8VtQBU1f6eDRo6WEj9) while using Burp Suite Community Edition on Windows 10, I’ve found very confusing respons… Continue reading Does Burp Suite affect my request directly?
I am solving a lab related to serialization vulnerabilities. It deals with retrieving files based on the signature. The theory of the lab states as quoted, "Adding ./ will still give you the same file but the application will generate… Continue reading How does "./" affects signature generation for files, in a PHP based web application?
In the past few days, I have created my own webserver to serve as my sandbox for learning pen-testing. I saw this blog (https://outpost24.com/blog/from-local-file-inclusion-to-remote-code-execution-part-1) and wanted to attempt something s… Continue reading How does Local File Inclusion (LFI) work?
I am now learning about RFI attacks and I am practising with some pieces of codes trying to perfrom RFI in order to understand better the situation. Now I am stuck at this one:
if (!isset($language)) {
$language = ‘english’;
} else {
… Continue reading How to perform RFI attacks?
I want to test RFI but I don’t have a web server I can host test files on, and I’d rather not host from my own machine (e.g. python3 -m http.server) if possible. I’d like to test RFI with many things, but mainly scripts like PHP code to do… Continue reading What’s a good way to host files for testing remote file inclusion?
I want to test RFI but I don’t have a web server I can host test files on, and I’d rather not host from my own machine (e.g. python3 -m http.server) if possible. I’d like to test RFI with many things, but mainly scripts like PHP code to do… Continue reading What’s a good way to host files for testing remote file inclusion?
Let’s say that an attacker wants to search websites for RFI/LFI vulnerability with a script, he’s fuzzing the URL with a list of remote/local files. And he prints the headers that return from the request. How can the attacker know when the… Continue reading How to know if an RFI/LFI attack was successful?
I am working on a project which requires the name of the page as a query parameter ‘path’. The app stores path variable as res.query.path. My manager asked me to pay attention to LFI, so I’m concerned about it. The app is using Express.JS,… Continue reading Local file inclusion in JS app [closed]