https://chiefdennis.github.io/tags/local-file-inclusion/Recent content in Local File Inclusion on Chief Dennis' BlogHugoenTue, 01 Apr 2025 13:07:16 +0100https://chiefdennis.github.io/posts/offsec_dvr4/Tue, 01 Apr 2025 13:07:16 +0100https://chiefdennis.github.io/posts/offsec_dvr4/<h2 id="dvr4-offsec-walkthrough"> DVR4 Offsec Walkthrough <a class="heading-link" href="#dvr4-offsec-walkthrough"> <i class="fa-solid fa-link" aria-hidden="true" title="Link to heading"></i> <span class="sr-only">Link to heading</span> </a> </h2> <p><img src="https://chiefdennis.github.io/posts/offsec_dvr4/Picture23.png" alt="image"></p> <h3 id="lfi-vulnerability"> LFI Vulnerability <a class="heading-link" href="#lfi-vulnerability"> <i class="fa-solid fa-link" aria-hidden="true" title="Link to heading"></i> <span class="sr-only">Link to heading</span> </a> </h3> <p>Local File Inclusion (LFI) is a security vulnerability in web applications that allows an attacker to access files stored on the server. This failure occurs when an applicationconstructs file paths based on user input without properly validating its contents. As a result, an attacker can manipulate those paths to read sensitive system files and, in some cases, execute malicious code.</p>