Stack Overflow
Stack Overflow

Questions tagged [remote-file-inclusion]

26 questions
5
votes
2 answers

Mounting a remote file system (sshfs) through an intermediate machine

The situation: I am working from machine1, where I have root access. From machine1 I can access machine2 (where I am a user with no privileges) through ssh. machine3 (also user with no privileges) is not directly accessible from machine1. I need to…
Miguel
  • 7,497
  • 2
  • 27
  • 46
4
votes
1 answer

PHP eval(gzinflate(base64_decode(..))) hack - how to prevent it from occurring again?

We recently had a website hacked, where some PHP code was injected into the index.php file that looked something like: eval (gzinflate(base64_decode('s127ezsS/...bA236UA1'))); The code was causing another PHP file (cnfg.php) to be included, which…
mwalsher
  • 2,790
  • 2
  • 33
  • 41
3
votes
2 answers

Can't include file on remote server

My problem is that I can't include a file on a remote server. The script fails at the require_once function. I'm running the script…
user918712
  • 113
  • 1
  • 8
2
votes
6 answers

Use php to read the source of a php file

I'm attempting to use php to read the source of a separate php file. I'm attempting to use file_get_contents in the following manner file_get_contents('http://www.example.com/someFile.php'); Unfortunately, the code above attempts to execute the php…
Mark Brown
  • 12,026
  • 8
  • 27
  • 32
2
votes
1 answer

Remote File Inclusion via Another Server?

My server (mediaquarter.at) is currently being DDoSed by requests like this (with some minor variations):…
xeraa
  • 10,456
  • 3
  • 33
  • 66
2
votes
1 answer

Is Django framework vulnerable to local file inclusion(LFI) and remote file inclusion(RFI)?

Like in php, include() method and allow_url_include can be vulnerable to LFI and RFI. Does django's include is vulnerable to lfi and RFI?
lunatic955
  • 31
  • 5
2
votes
1 answer

Javascript: How to read data from remote js file?

I have a javascript file from remote server and it contains a variable which has data which I want to access. Js file: http://static.www.xxx.com/mydata/uXKojYEd9WXFpAasite/v4_3/3/d/itemjs Js file contain code like below var…
Kul
  • 378
  • 12
  • 20
2
votes
1 answer

How to Open a Remote Text File using Server.MapPath in ASP.Net?

This is what I have right now for a file residing on the same server and it works. Dim FILENAME as String = Server.MapPath("Output.txt") Dim objStreamWriter as StreamWriter objStreamWriter = File.CreateText(FILENAME) dr =…
ThinkCode
  • 7,841
  • 21
  • 73
  • 92
1
vote
2 answers

jquery: is there a way to read all files from the host directory?

im just brainstorming an interface that dynamically generates a page based on files located in page's directory. I'm wondering if jquery can do this? For instance, a page just displays information for each file, maybe a thumbnail, etc. If i were to…
Sinaesthetic
  • 11,426
  • 28
  • 107
  • 176
1
vote
1 answer

Routing a download through server; PHP settings

I'm trying to download a video source file from our video host, Ooyala, but the filename for these files is long, not descriptive, and has no extension. Since these files will be downloaded by many different types of people I want to fix this, so…
Spencer Alger
  • 918
  • 2
  • 9
  • 22
1
vote
0 answers

Preventing Directory Traversal in php get page script

I am trying to implement a secure php get page function afer my website got hacked with LFI, RFI and DTA (I got the whole package LOL). Browsing the web I found this script which seems to work fine in preventing inclusions of files that I did not…
Gumbo
  • 11
  • 1
1
vote
1 answer

cck remote file (image) field - I want to keep the cached copy of the image when the node is deleted

I use the Remote File module for a cck field displaying a remote image. It works with a known issue: images are reloaded on every edit http://drupal.org/node/395256 And as i do tests with lots of nodes and delete them afterwards, the images cached…
groovehunter
  • 3,050
  • 7
  • 26
  • 38
1
vote
1 answer

Would this redirect script open me up for code injection or remote file inclusion?

Recently I ran across a blog article about using PHP scripts to redirect affiliate links. It got me thinking whether this script was safe or not. I've heard that using the $_GET variable can lead to a vulnerability. Any suggestions would be…
John
  • 15,990
  • 10
  • 70
  • 110
1
vote
1 answer

MVC framework error in second level directory

i am building an mvc framework to manage my projects i have my htaccess file configured as this RewriteEngine On RewriteBase /mymvc/ RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^([^?]*) index.php?url=$1…
Seraphin Ahmed
  • 29
  • 1
  • 6
1
vote
0 answers

ColdFusion 9 and Remote File Inclusion

My site has just been hacked and I suspect that it was a remote file inclusion attack. These are my server specs: Windows Server 2008 R2 running ColdFusion 9 (9.0.1.274733) and IIS 7.5 This is the source code of the page that appeared after my site…
raul prakash
  • 113
  • 1
  • 3
  • 10
1
2