Skip to content

Security Cipher

  • Home
  • Blog
  • About Us
  • Resources
    • Security Terminologies
    • Vulnerability Explain
    • Secure Code Explain
    • Linux Commands
    • AWS Cloud Security Checklist
  • My Resume
Contact Us

Secure Code Explain

  • DOM Cross-Site-Scripting (XSS)
  • Stored Cross-Site-Scripting (XSS)
  • Reflected Cross-Site-Scripting (XSS)
  • SQL Injection
  • XXE Injection
  • Remote File Inclusion (RFI)
  • Local File Inclusion
  • Clickjacking
  • Remote Code Execution (RCE)
  • Insecure direct object references (IDOR)
  • Secure Cookie not set
  • Log Injection
  • Cross-Site Request Forgery (CSRF)
  • HttpOnly Flag not set

Vulnerability Explain

  • SQL Injection
  • Cross-Site-Scripting (XSS)
  • Home
  • Secure Code Explain
  • Remote File Inclusion (RFI)

Remote File Inclusion (RFI)

Table of Contents
  • 🥺 Vulnerable Code
  • 😎 Secure Code

Here is an example of Java code that is vulnerable to Remote File Inclusion (RFI) attack:

🥺 Vulnerable Code #

import java.io.*; 
import java.net.*; 

public class RFI { 
public static void main(String[] args) throws Exception { 

// Vulnerable code: URL is not sanitized and is directly included in the program 
URL url = new URL(args[0]); // args[0] can be manipulated by attacker 
BufferedReader in = new BufferedReader(new InputStreamReader(url.openStream())); 

String inputLine; 
while ((inputLine = in.readLine()) != null) 
System.out.println(inputLine); 
in.close(); 
} 
}

😎 Secure Code #

Here is a version of the same code that is secured against Remote File Inclusion (RFI) attack:

import java.io.*; 
import java.net.*; 
import java.util.regex.*; 

public class RFI { 
public static void main(String[] args) throws Exception { 

// Secure code: URL is sanitized using regex to only allow local files 
String pattern = "^(file://)?/[A-Za-z0-9_/.-]*$"; // regex for local file URLs 
Pattern p = Pattern.compile(pattern); 
Matcher m = p.matcher(args[0]); 
if (!m.matches()) { 
System.out.println("Invalid URL"); 
return; 
} 
URL url = new URL(args[0]); 
BufferedReader in = new BufferedReader(new InputStreamReader(url.openStream())); 

String inputLine; 
while ((inputLine = in.readLine()) != null) 
System.out.println(inputLine); 
in.close(); 
} 
}

The line URL “url = new URL(args[0]);” was vulnerable in the original code, as it allowed an attacker to pass in a malicious URL that could be used to execute arbitrary code on the server. In the secure code, the URL is first checked against a regex pattern to ensure that it is a local file URL before it is included in the program.

Share This Article :
  • Facebook
  • Twitter
  • LinkedIn
  • Pinterest
XXE InjectionLocal File Inclusion

Leave a Reply Cancel reply

Table of Contents
  • 🥺 Vulnerable Code
  • 😎 Secure Code
logo name

Learn penetration Testing …

Instagram Twitter Youtube Telegram Linkedin

Useful Links

Blogs
About
Contact

Recent Post

  • Threat Modeling : Everything You Need to Know for Web Application Security
  • How to Conduct a Successful Penetration Test: A Step-by-Step Guide
  • OSV-Scanner: Protecting Your Open-Source Dependencies

Subscribe Now

Don’t miss our future updates! Get Subscribed Today!

Subscription Form

By entering your email, you agree to our terms & Conditions and Privacy policy.

©2023. Security Cipher. All Rights Reserved.

Privacy Policies
Terms & Conditions