Servers that are vulnerable to LFI security flaws allow an attacker to display the content of files through the URL within a web browser. In an LFI attack, the penetration tester can read the content of any file from within its directory using either ../ or /.
To get started, let's head back over to the Damn Vulnerable Web Application (DVWA) web interface within OWASP BWA:
- On the DVWA web interface, on the left-hand side menu, click on File Inclusion:
![](https://static.packt-cdn.com/products/9781789611809/graphics/assets/bb320a7c-f6bc-432c-abc0-73faaa6b52fe.png)
- By repeating ../ a few times and inserting the directory of the passwd file, we are able to view the content of the passwd file on the target web server:
![](https://static.packt-cdn.com/products/9781789611809/graphics/assets/f9a7801d-8af2-4268-95ad-35a88a63fbb5.png)
This type of attack tests a system for directory transversal vulnerabilities. Directory transversal allows an attacker to access restricted locations and files, as well as execute commands on a target web server. This attacker can manipulate...