Forum Thread: Arbitrary File Deletion

What is an arbitrary file?

Basically, an "arbitrary file" here is a script that allows the modification of other files on the web application's server.

In this case we will talk about a file that lets us delete other files, i.e. with that single file we could delete the whole website. It is dangerous to leave a file like that exposed when it is not an administrator who is handling it.

Google Hacking?

Of course, we will use the famous dorks, which are nothing more than Google search operators put to our purposes. You can build dorks like the following:

Code:
inurl:delete.php?file=
inurl:delete.php?filename=

Or similar; in the art of Google hacking the trick is in inventing them xD :D

Performing the attack?

It's simple: you have permission to delete a file.... xD :D

Well, here we have the big screenshot (I cut out all the junk and left the interesting part :D): we have the unlink() function, which does exactly what this tutorial is about, deleting a file :)... Then we have a path, and we also have an FPD (Full Path Disclosure) and, as we know, LFI (Local File Inclusion); we combine these and delete the file.... So it would look like this:

Code:
file=../../../thatfilenamefromthefilter.will

So we visit our website :D

And as we can see, everything is OK!

Then we go back to our arbitrary file, which has permission to delete :)
And we tell it that we no longer want that file, so it throws it away :P

What we would see is that it does not throw any unlink() error, i.e. the file was deleted correctly :)

Then we try to open the page that we previously saw was all OK :)

And we get a 404 error: that page no longer exists :P

So far we have carried out the attack, which deletes the file we want from the web application.

How to prevent this type of attack?

It is as easy as not leaving that type of file open to the whole public, but only to the administrator, for example, or simply not creating such files if they are not necessary.
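As an added example (not code from the original post or from any particular application), here is how the delete.php handler the post describes could be locked down the way the prevention note suggests: admin-only, and the name confined to one directory so "../" paths no longer reach other files. UPLOAD_DIR, the $_SESSION['is_admin'] flag and the safe_delete name are assumptions.

```php
<?php
// Added example, not from the original post. Assumptions: files live in
// UPLOAD_DIR, and the application's own login code sets $_SESSION['is_admin'].

declare(strict_types=1);

const UPLOAD_DIR = '/var/www/app/uploads';

// The pattern the post describes, shown only for contrast:
//   unlink($_GET['file']);   // whatever path the caller chooses gets deleted

/**
 * Delete a file from UPLOAD_DIR only when the caller is an administrator
 * and the requested name resolves to a regular file inside that directory.
 * Returns true on success; on failure returns false and sets $error.
 */
function safe_delete(string $requested, bool $isAdmin, string &$error = ''): bool
{
    // 1. Authorisation: the post's own fix is to keep such scripts admin-only.
    if (!$isAdmin) {
        $error = 'forbidden';
        return false;
    }
    // 2. Drop every directory component: "../../../x" becomes "x".
    $name = basename($requested);
    if ($name === '' || $name === '.' || $name === '..') {
        $error = 'invalid name';
        return false;
    }
    // 3. Resolve both sides and check containment. realpath() also follows
    //    symlinks, so a link inside UPLOAD_DIR pointing elsewhere is rejected,
    //    and it returns false for a missing file, which is rejected too.
    $base   = realpath(UPLOAD_DIR);
    $target = realpath(UPLOAD_DIR . DIRECTORY_SEPARATOR . $name);
    if ($base === false || $target === false
        || strpos($target, $base . DIRECTORY_SEPARATOR) !== 0
        || !is_file($target)) {
        $error = 'not found';
        return false;
    }
    // 4. Record the action so a deletion can be attributed during review.
    error_log(sprintf('file deleted by admin: %s', $target));
    return unlink($target);
}

// Usage inside delete.php: require POST so a plain link or dorked URL cannot
// trigger a deletion, and take the admin flag from the session, not the request.
// session_start();
// $ok = safe_delete($_POST['file'] ?? '', !empty($_SESSION['is_admin']), $err);
```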
