Wednesday, November 2, 2011

Local File Inclusion Tutorial Part 4 of 4

For the last part of our series, I have put together this list to go beyond /etc/passwd where we can find an LFI

In the /proc/ can view information about the kernel, system, hardware etc..

The /proc/self is a link to the running process.

The /proc/sys provides information but also (being an administrator) can enable or disable kernel features

The /proc/net displays information about the system's network configuration.

The /proc/driver contains information about drivers that are being used in the system.

Other interesting paths

Bonus :

You can also add to the list the following:

/etc/postifx/ ... (there are a few

Also, you can look for anti-rootkit and security stuff, for example:


Startup scripts:


Good luck and happy pwning! :) 
Certified Ethical Hacker Network Security Internet Security Computer Security Wireless Network Security