Which of the following steps would the penetration tester most likely try NEXT to further exploit the web server?

During an assessment, a penetration tester manages to exploit an LFI vulnerability and browse the web log for a target Apache server.

Which of the following steps would the penetration tester most likely try NEXT to further exploit the web server? (Choose two.)
A . Cross-site scripting
B . Server-side request forgery
C . SQL injection
D . Log poisoning
E . Cross-site request forgery
F . Command injection

View Answer

Answer: D,F

Explanation:

Local File Inclusion (LFI) is a web vulnerability that allows an attacker to include files on a server through the web browser. This can expose sensitive information or lead to remote code execution.

Some possible next steps that a penetration tester can try after exploiting an LFI vulnerability are:

✑ Log poisoning: This involves injecting malicious code into the web server’s log files and then including them via LFI to execute the code34.

✑ PHP wrappers: These are special streams that can be used to manipulate files or data via LFI. For example, php://input can be used to pass arbitrary data to an LFI script, or php://filter can be used to encode or decode files5.