https://www.noobsec.net/tags/rfi/ Recent content in Rfi on Welcome to noobsec Hugo -- gohugo.io en-us Mon, 29 Jun 2020 21:44:39 +0000 https://www.noobsec.net/file-inclusion/ Mon, 29 Jun 2020 21:44:39 +0000 https://www.noobsec.net/file-inclusion/ <!-- end-chunk --> <!-- begin-chunk data-anchor="file-inclusion" --> <h1 class="header-anchor-wrapper">File Inclusion <a href="#file-inclusion" class="header-anchor-link"> <svg xmlns="http://www.w3.org/2000/svg" width="1rem" height="1rem" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"> <line x1="4" y1="9" x2="20" y2="9"></line><line x1="4" y1="15" x2="20" y2="15"></line><line x1="10" y1="3" x2="8" y2="21"></line><line x1="16" y1="3" x2="14" y2="21"></line> </svg> </a> </h1> <!-- end-chunk --> <!-- begin-chunk data-anchor="introduction" --> <h2 class="header-anchor-wrapper">Introduction <a href="#introduction" class="header-anchor-link"> <svg xmlns="http://www.w3.org/2000/svg" width="1rem" height="1rem" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"> <line x1="4" y1="9" x2="20" y2="9"></line><line x1="4" y1="15" x2="20" y2="15"></line><line x1="10" y1="3" x2="8" y2="21"></line><line x1="16" y1="3" x2="14" y2="21"></line> </svg> </a> </h2> <p>File inclusion vulnerabilities are of two types: <strong>Remote File Inclusion (RFI)</strong> and <strong>Local File Inclusion (LFI)</strong>. <strong>RFI</strong> is said to be present when a web application allows remote users to load and execute a remote file on the server. <strong>LFI</strong> is said to be present when a web application allows remote users to load any pre-existing file and execute it on the server.</p>