EH-Net

Hi everyone,

After learning some scanning tools that can scan Remote File Inclusion vulnerability (fimap, w3af, uniscan, etc), I decided to draw a diagram to show the mechanism. So here is the picture.

(http://i1262.photobucket.com/albums/ii603/eddy_kho88/rfi_tool-1.png)



Note: if you cannot see the picture, please find at attachment

Little description:
Attacker box: the person can scan and exploit the RFI vulnerability. Some tool offer exploit mode to get victim shell in their tool; therefore, I decided to put it in.

Variable setting box: allow the user to set parameter.

Victim Server box: normal stuff inside a server


Is it the right way to draw how scanning tool work? Is there some specific part that i need to modify?

Feel free to post your opinion so I can learn from everyone and draw the right diagram.  :)


 
Thanks

Hi fly,
I think you have demoed that there was a script that you used as payload, so that the attacker can control the victim. The picture need to be updated with the payload.

The "Return Shell" looks ambiguous... Is the shell actually the effect of what the payload does? In that case the payload goes on to one direction, and the returned shell should be showing the other direction.

Hi Erwin,

Thanks for the input.

Yes, the "Return Shell" pipe is the result of what the payload does so let me revised the diagram a little bit.

Cheers  ;D

In that case, perhaps a revised picture would help.