How to exploit File Inclusion vulnerability
There two type File inclusion Vulnerability Remote File and Local File Inclusion.
Remote File Inclusion Vulnerability:
Suppose my target is :
So somewhere in the “*.php” some kind of code like :
include( $fool . ‘.php’ );
Local File Inclusion:
LFI= Local File Inclusion same as RFI but it will load the local file of the target server.
For example :
Easy to understand?