homepage
Open menu
Contact Sales

Secrets of Exploiting Local and Remote File Inclusion

  • Tuesday, 18 Feb 2014 1:00PM EST (18 Feb 2014 18:00 UTC)
  • Speaker: Justin Searle

Join us for a two hour webcast and taste a sample of SANS's new 6-day course SEC642: Advanced Web App Penetration Testing and Ethical Hacking. This webcast will delve into the secrets of exploiting local file include (LFI) and remote file include (RFI) vulnerabilities. And if you thought LFI and RFI vulnerabilities only affected PHP web applications, think again. We'll take you through the techniques to find and exploit these flaws in .NET, Java, and our good old friend that has long since held the reputation of containing file inclusion vulnerabilities, PHP. We'll reveal tricks how to prevent the web server from executing code in its server-side source files allowing you to retrieve the source code you shouldn't be able to see. We'll also teach you how to get your own code up to the server for arbitrary code execution through those file inclusion vulnerabilities. Don't miss this opportunity to sample one of our hottest classes, SEC642, the sequel to our original 6-day web penetration class SEC542.

SEC 642 and SEC 660 are being offered Online in less than a month, use the following links to get more information!

SEC 642: https://www.sans.org/vlive/details/34387

SEC 660:https://www.sans.org/vlive/details/34367

Login to Register

Related Content

Blog
N2C_blog_image.png
Security Awareness, Cybersecurity Leadership, Cloud Security, Open-Source Intelligence (OSINT), Industrial Control Systems Security, Digital Forensics, Incident Response & Threat Hunting, Cybersecurity and IT Essentials, Cyber Defense, Offensive Operations, Pen Testing, and Red Teaming, CyberLive, Workforce Development, Career Development, Why Certify, Imposter Syndrome, NetWars, Mentorship, Job Hunting, Operating System & Device In-Depth, Artificial Intelligence (AI)
A Visual Summary of SANS New2Cyber Summit 2024
Check out these graphic recordings created in real-time throughout the event for SANS New2Cyber Summit 2024
370x370-person-placeholder.png
Alison Kim
read more
Blog
HackFest_blog_image.png
Offensive Operations, Pen Testing, and Red Teaming, Open-Source Intelligence (OSINT), Penetration Testing and Red Teaming
A Visual Summary of SANS HackFest Summit
Check out these graphic recordings created in real-time throughout the event for SANS HackFest Summit 2023
370x370-person-placeholder.png
Alison Kim
read more
Blog
Offensive Operations, Pen Testing, and Red Teaming, Penetration Testing and Red Teaming
SEC670 Prep Quiz Answers
Answers for the SEC670 Prep Quiz. For more details about the course and the quiz, please clickthrough to see the quiz article.
370x370_jonathan-reiter.jpg
Jonathan Reiter
read more