Pages: [1] 2

Author Topic: Evilzone's official RFI training script  (Read 7951 times)

0 Members and 1 Guest are viewing this topic.

Offline ande

  • Administrator
  • 0x13338
  • *
  • Posts: 1404
  • Karma: +80/-7
  • Gender: Male
    • View Profile
    • Evilzone
Evilzone's official RFI training script
« on: June 18, 2011, 09:42:34 PM »
The official Evilzone RFI training script

This is a very simple RFI vulnerable(and LFI for that matter, but lets keep this simple) script that you can use to practice your RFI skills on. Setup a testing environment and go nuts.

Looks something like this:


Download: http://evilzone.org/downloads/RFI_EZ_Test_Script.rar or attachment

To set it up, look at:
http://evilzone.org/web-oriented-programming/setting-up-a-php-environment-2/
and or
http://evilzone.org/web-oriented-programming/starting-php-scripting-setting-up-a-php-environment/
« Last Edit: June 23, 2011, 04:13:39 PM by ande »
Logged

Offline Tsar

  • Int
  • **
  • Posts: 133
  • Karma: +10/-0
  • turing-recognizable
    • View Profile
Re: Evilzone's official RFI training script
« Reply #1 on: June 19, 2011, 01:21:49 AM »
That's awesome Ande, we need more stuff like this for other exploits as well, great work.

The hardest part about getting into hacking and security is finding places to practice on.
« Last Edit: June 19, 2011, 01:42:42 AM by Tsar »
Logged

Offline FuyuKitsune

  • Long
  • ****
  • Posts: 289
  • Karma: +20/-0
    • View Profile
Re: Evilzone's official RFI training script
« Reply #2 on: June 19, 2011, 03:37:15 AM »
Fuck yeah, going OWASP style. Thanks a bunch ande.
Logged

Offline Kreek

  • Int
  • **
  • Posts: 135
  • Karma: +2/-0
  • Gender: Male
    • View Profile
Re: Evilzone's official RFI training script
« Reply #3 on: June 19, 2011, 10:00:57 AM »
Looks nice, though I'll have to try it out when I've got more time.
Good job Ande!
Logged

Offline uNk

  • VIP
  • Short
  • *
  • Posts: 174
  • Karma: +6/-0
    • View Profile
Re: Evilzone's official RFI training script
« Reply #4 on: June 19, 2011, 05:22:39 PM »
Nice share, downloaded
Logged

Offline connection_failed

  • NOP
  • Posts: 2
  • Karma: +0/-0
    • View Profile
Re: Evilzone's official RFI training script
« Reply #5 on: June 21, 2011, 06:13:34 PM »
I realy like that but practice, if i can get were to practice on happy would i be
Andy good work
Logged

Offline ande

  • Administrator
  • 0x13338
  • *
  • Posts: 1404
  • Karma: +80/-7
  • Gender: Male
    • View Profile
    • Evilzone
Re: Evilzone's official RFI training script
« Reply #6 on: June 21, 2011, 08:51:30 PM »
Quote from: connection_failed on June 21, 2011, 06:13:34 PM
I realy like that but practice, if i can get were to practice on happy would i be
Andy good work

You are not making any sense dude.
Logged

Online Factionwars

  • Administrator
  • 0x13338
  • *
  • Posts: 1029
  • Karma: +42/-2
    • View Profile
Re: Evilzone's official RFI training script
« Reply #7 on: June 21, 2011, 08:57:50 PM »
Quote from: ande on June 21, 2011, 08:51:30 PM
You are not making any sense dude.
Mhmm to lazy to setup an server i geuss
Logged

Online Kulverstukas

  • Administrator
  • 0x13338
  • *
  • Posts: 1887
  • Karma: +112/-10
  • Gender: Male
  • Delphi coder (and proud)
    • View Profile
    • My blog
Re: Evilzone's official RFI training script
« Reply #8 on: June 21, 2011, 09:42:29 PM »
Quote from: connection_failed on June 21, 2011, 06:13:34 PM
I realy like that but practice, if i can get were to practice on happy would i be
Andy good work

There you go: http://www.apachefriends.org/en/xampp.html
Don't forget to turn off skype when launching apache on windows.
Logged

Offline mod_bluejay

  • NOP
  • Posts: 3
  • Karma: +0/-0
    • View Profile
Re: Evilzone's official RFI training script
« Reply #9 on: June 23, 2011, 04:01:44 PM »
I'm getting a 404 Not Found when downloading the script.

Never mind, attachment is working...
« Last Edit: June 23, 2011, 04:03:10 PM by mod_bluejay »
Logged

Offline ande

  • Administrator
  • 0x13338
  • *
  • Posts: 1404
  • Karma: +80/-7
  • Gender: Male
    • View Profile
    • Evilzone
Re: Evilzone's official RFI training script
« Reply #10 on: June 23, 2011, 04:13:51 PM »
Quote from: mod_bluejay on June 23, 2011, 04:01:44 PM
I'm getting a 404 Not Found when downloading the script.

Never mind, attachment is working...

Link fixed.
Logged

Offline mod_bluejay

  • NOP
  • Posts: 3
  • Karma: +0/-0
    • View Profile
Re: Evilzone's official RFI training script
« Reply #11 on: June 23, 2011, 05:08:24 PM »
I got this far at the moment:


Logged

Offline ande

  • Administrator
  • 0x13338
  • *
  • Posts: 1404
  • Karma: +80/-7
  • Gender: Male
    • View Profile
    • Evilzone
Re: Evilzone's official RFI training script
« Reply #12 on: June 23, 2011, 05:29:09 PM »
Quote from: mod_bluejay on June 23, 2011, 05:08:24 PM
I got this far at the moment:

Clearly you are doing something wrong :P
Logged

Offline ceewwb

  • NOP
  • Posts: 3
  • Karma: +0/-0
    • View Profile
Re: Evilzone's official RFI training script
« Reply #13 on: July 11, 2011, 02:05:52 PM »
http://img16.imageshack.us/img16/2734/print1ph.jpg

I cant go more than this
i followed all the tutorials in this forum but i cant do it!
what i am doing wrong?
Logged

Offline ande

  • Administrator
  • 0x13338
  • *
  • Posts: 1404
  • Karma: +80/-7
  • Gender: Male
    • View Profile
    • Evilzone
Re: Evilzone's official RFI training script
« Reply #14 on: July 11, 2011, 03:05:27 PM »
Quote from: ceewwb on July 11, 2011, 02:05:52 PM
http://img16.imageshack.us/img16/2734/print1ph.jpg

I cant go more than this
i followed all the tutorials in this forum but i cant do it!
what i am doing wrong?

You haven't paid attention in class! You gotta allow remote inclusion in the PHP config ;)
« Last Edit: July 11, 2011, 03:06:05 PM by ande »
Logged
Pages: [1] 2
 



Intern0t SoldierX py1337 SecurityOverride programisiai
Want to be here? Contact Ande or Satan911 on the forum or at IRC.