1
00:00:00,850 --> 00:00:03,430
Hello, everyone, and welcome to this video.

2
00:00:04,120 --> 00:00:11,810
So in this video, we are going to learn about two categories of file inclusion, namely local and remote.

3
00:00:12,580 --> 00:00:21,070
So before seeing this, let's recall when we learned about what is the difference between path traversal

4
00:00:21,070 --> 00:00:29,620
and file inclusion based vulnerabilities in which we saw that if we are able to read any file from any

5
00:00:29,620 --> 00:00:33,130
server, then it falls under path traversal.

6
00:00:33,730 --> 00:00:41,110
For example, if you are able to read a file, which is called, let's say, file.php, then it will fall

7
00:00:41,110 --> 00:00:42,820
in that path traversal.

8
00:00:44,110 --> 00:00:52,330
But in LFI or local file inclusion, you're able to read the file as well and you are able to execute

9
00:00:52,330 --> 00:00:54,910
the file or execute the commands as well.

10
00:00:55,660 --> 00:01:05,530
That's why we have seen that path traversal is a subset of local file inclusion that basically sums

11
00:01:05,530 --> 00:01:11,650
up and summarizes to LFI equals path traversal plus execution.

12
00:01:12,520 --> 00:01:13,090
All right.

13
00:01:13,480 --> 00:01:18,120
So now let's see what is the difference between LFI and RFI.

14
00:01:18,850 --> 00:01:24,430
So as you can see on the left side of the screen, I have created a diagram and on to the right hand

15
00:01:24,430 --> 00:01:27,860
side of the screen, I have again created a diagram for RFI.

16
00:01:29,230 --> 00:01:38,890
Also, I have noted the very, very simplistic definition to understand this attack in which local file

17
00:01:38,890 --> 00:01:46,660
inclusion or LFI means when any attacker is able to load files from the local server or the web application

18
00:01:46,660 --> 00:01:56,380
itself and is also being able to execute commands, then the attacker has found a valid LFI vulnerability.

19
00:01:57,250 --> 00:01:58,390
On the right hand side,

20
00:01:58,660 --> 00:02:06,190
if the attacker is able to load any files from any given remote server that he controls and is also

21
00:02:06,190 --> 00:02:13,780
able to execute some specific command, then he has found a remote file inclusion vulnerability.

22
00:02:14,920 --> 00:02:18,430
Now let's understand this more with the help of a diagram.

23
00:02:19,360 --> 00:02:24,050
As you can see, this is the attacker and this is the target web application server.

24
00:02:24,940 --> 00:02:33,520
So in LFI, the attacker is going to read the files, for instance, file.php or /etc/passwd

25
00:02:33,520 --> 00:02:33,850
file.

26
00:02:34,750 --> 00:02:42,100
And the attacker is also able to execute a specific set of commands onto the target server to retrieve

27
00:02:42,100 --> 00:02:43,090
the sensitive data.

28
00:02:44,290 --> 00:02:51,610
On the right hand side, you can see the attacker is able to read the files as well as execute commands.

29
00:02:51,790 --> 00:03:00,460
But the attacker is also being able to load specific files from any bad server, as you can see over

30
00:03:00,460 --> 00:03:08,440
here, and the vulnerable web application or the server will successfully load the files and even execute

31
00:03:08,440 --> 00:03:08,710
them.

32
00:03:09,430 --> 00:03:17,450
This way, the attacker can run any files onto the bad server through a remotely configured bad server.

33
00:03:18,250 --> 00:03:23,060
So this is the main difference between local file inclusion and remote file inclusion.

34
00:03:23,500 --> 00:03:24,910
I hope you guys understood this.

35
00:03:25,240 --> 00:03:25,780
Thank you.