Tag : RCE

From LFI to Remote Shell (Kioptrix Level 4)

In my previous Kioptrix Level 4 write-up, we went from boot to root on the Kioptrix 4 machine by exploiting password reuse. Along the way, we found a local file inclusion vulnerability that allowed us to gather some valuable information used in owning the box. In this article, we'll take a deeper look at the LFI bug and learn how to use only the LFI to get a reverse shell on the target.

Read more