Lately there has been a radical increase in web servers being hacked using Remote File Inclusion, mainly due to the big search engines, which provide an easy way to find vulnerable applications. But do not think that hackers sit and spend hours running queries on search engines. They have automated scripts that search for vulnerable web sites for them, and all that is left for them is to know which application files are vulnerable to the attacks they want to execute.
Using search engines to find vulnerable servers is not a new technique; however, scripts that automate the whole process can now be found on the web and on IRC, and this makes script kiddies' lives much easier.
If one tries hard enough to find these scripts on IRC networks, he will find bots that reside in channels 24/7, receiving queries from almost anyone. This allows even ten-year-old kids to find vulnerable servers easily and try to exploit them, and as far as Remote File Inclusions go, they don't even need technical abilities, since these flaws are usually easy to exploit.
For the less security savvy, Remote File Inclusion (also known as RFI) attacks allow hackers to run their own files on the remote web server. This is possible when a web application receives parameters that include a file location from the user. For a more in-depth explanation, please read Wikipedia.
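Because the file location arrives as a request parameter, a defender can look for it in the web server's access log: any parameter whose value, once URL-decoded, is a remote location instead of a local file name. The sketch below is an added example, not from the original post; the log lines, host names and the function name `find_rfi_probes` are constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, unquote

# Constructed sample access-log lines (documentation IPs and hosts), not real traffic.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Oct/2008:13:55:36 +0000] "GET /index.php?page=about.html HTTP/1.1" 200 512
203.0.113.9 - - [10/Oct/2008:13:55:40 +0000] "GET /index.php?page=http://files.example/inc.txt HTTP/1.1" 200 90
203.0.113.9 - - [10/Oct/2008:13:55:41 +0000] "GET /view.php?lang=en&tpl=hTTps%3A%2F%2Ffiles.example%2Fa HTTP/1.1" 404 0
198.51.100.7 - - [10/Oct/2008:13:56:02 +0000] "GET /go.php?mod=%2568ttp%253A%252F%252Ffiles.example%252Fb HTTP/1.1" 200 77
198.51.100.8 - - [10/Oct/2008:13:56:09 +0000] "GET /search.php?q=what+is+http HTTP/1.1" 200 300
"""

# client IP, method, request target and status from a common/combined log line
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3})')
# a value that starts with scheme:// or a protocol-relative //
REMOTE_RE = re.compile(r'^\s*(?:[a-z][a-z0-9+.-]*:)?//', re.IGNORECASE)


def fully_decode(value, rounds=3):
    """Undo repeated percent-encoding (bounded) so double-encoded values are seen."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def find_rfi_probes(log_text):
    """Return one record per request parameter that carries a remote location."""
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not a parsable access-log line
        ip, _method, target, status = m.groups()
        _, _, query = target.partition("?")
        for name, raw in parse_qsl(query, keep_blank_values=True):
            value = fully_decode(raw)
            if REMOTE_RE.match(value):
                hits.append({"ip": ip, "param": name,
                             "value": value, "status": int(status)})
    return hits


if __name__ == "__main__":
    for hit in find_rfi_probes(SAMPLE_LOG):
        print(hit)
```

A hit answered with status 200 deserves attention first, since the application at least accepted the request; the matching fix on the application side is to map the parameter to a fixed list of local files.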