https://chiefdennis.github.io/tags/base64-password-decoding/Recent content in Base64 Password Decoding on Chief Dennis' BlogHugoenSun, 16 Mar 2025 13:07:16 +0100https://chiefdennis.github.io/posts/offsec_snookum/Sun, 16 Mar 2025 13:07:16 +0100https://chiefdennis.github.io/posts/offsec_snookum/<h2 id="snookum-offsec-walkthrough"> Snookum OffSec Walkthrough <a class="heading-link" href="#snookum-offsec-walkthrough"> <i class="fa-solid fa-link" aria-hidden="true" title="Link to heading"></i> <span class="sr-only">Link to heading</span> </a> </h2> <h3 id="rfi-vulnerability"> RFI Vulnerability <a class="heading-link" href="#rfi-vulnerability"> <i class="fa-solid fa-link" aria-hidden="true" title="Link to heading"></i> <span class="sr-only">Link to heading</span> </a> </h3> <p>Remote File Inclusion (RFI) is a vulnerability in web applications that allows an attacker to upload and execute files hosted on external servers. This flaw occurs when an applicationdynamically includes files without properly validating user input, which can lead to the execution of malicious code. If proper security measures are not taken, RFI can completely compromise a system, facilitating data theft, malware execution, or even full control of the server.</p>