Class 10 Lab 2 ‐ Local File Inclusion - Justin-Boyd/Ethical-Hacking-Class GitHub Wiki

Task: Implement an LFI Attack

Step 1

  • Ensure bWAPP is running, log in to the website with your credentials, and navigate to the Bugs page.

Step 2

  • In the A7 – Missing Functional Level Access Control section, select Remote & Local File Inclusion (RFI/LFI), and click Hack.

Step 3

  • Examine the page and note there is no user input field. Select a language from the dropdown list and verify that the page outputs data.

Step 4

  • Inspect the HTML source code to find clues for the action. Examine the data exchange process between the client and the server. Note there is a form that sends information to /bWAPP/rlfi.php.

Step 5

  • The website’s HTML code can be edited. Edit the button feature in the HTML code to insert a tag that accepts the user input.
  • Utilize the user input to access the passwd file from the /etc directory of the server.

Step 6

  • The page now has an input box where code may be injected. Here, you will use ../ and /etc/passwd to access the directory and print it on the web interface.
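
Steps 3 to 6 work because the dropdown is only a client-side restriction: the server includes whatever value the form submits. The following is an added example, not part of the lab or of bWAPP's code, showing the server-side check that stops it, written in Python for illustration rather than the PHP the application uses. The file names in ALLOWED_LANGUAGE_FILES and the function names are assumptions.

```python
import os
import tempfile

# Assumed file names behind the dropdown options; not taken from the lab page.
ALLOWED_LANGUAGE_FILES = {"lang_en.php", "lang_fr.php", "lang_nl.php"}


def contained_in(base_dir, requested):
    """True if base_dir/requested, with '..' and symlinks resolved, stays in base_dir."""
    base = os.path.realpath(base_dir)
    # os.path.join discards base when requested is absolute (e.g. /etc/passwd),
    # so the comparison below is what actually enforces containment.
    candidate = os.path.realpath(os.path.join(base, requested))
    return os.path.commonpath([base, candidate]) == base


def resolve_language_file(base_dir, requested, allowed=ALLOWED_LANGUAGE_FILES):
    """Return the absolute path that may be included, or None to reject.

    Check 1 (allowlist): the value must be exactly one of the dropdown options,
    so an edited form field cannot introduce a new file name.
    Check 2 (containment): defence in depth in case the allowlist is ever
    loosened or an allowed name is replaced by a symlink.
    """
    if not isinstance(requested, str) or requested not in allowed:
        return None
    if not contained_in(base_dir, requested):
        return None
    candidate = os.path.realpath(os.path.join(base_dir, requested))
    return candidate if os.path.isfile(candidate) else None


def demo():
    """Classify constructed sample values against a constructed language directory."""
    with tempfile.TemporaryDirectory() as base:
        for name in ALLOWED_LANGUAGE_FILES:
            with open(os.path.join(base, name), "w") as fh:
                fh.write("<?php /* constructed sample */ ?>")
        samples = ["lang_en.php", "../../../etc/passwd", "/etc/passwd"]
        return {s: resolve_language_file(base, s) is not None for s in samples}


if __name__ == "__main__":
    for value, accepted in demo().items():
        print(f"{value!r}: {'accepted' if accepted else 'rejected'}")
```

Rejected values are worth logging with the client address, since a value outside the dropdown set can only come from a modified request.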