Wednesday, May 27, 2009

PHP Remote File Inclusion

Remote File Inclusion is a technique used to attack websites from a remote computer.RFI allow malicious users to run their own PHP code on a vulnerable website.This allows the attacker to use and run any remote file just by editing the URL. Like a webshell can display the files and folders on the server and can add,edit or delete files and folders,send spams and even get hold of root.

More details on PHP Webshell are here.

No comments: