Local and Remote File Inclusion

Hubczyk, Michal; Domanski, Adam; Domanska, Joanna

doi:10.1007/978-3-642-25355-3_17

Michal Hubczyk⁴,
Adam Domanski⁴ &
Joanna Domanska⁵

Part of the book series: Advances in Intelligent and Soft Computing ((AINSC,volume 118))

600 Accesses
1 Citations

Abstract

In this paper we have examined Local and Remote File Inclusion vulnerabilities in details. It is proven that these security flaws may lead to variety of problems including generation of big load to the server as well as disclosure of files which should not be accessible by the clients. These attacks are not so popular as SQL injection or Cross-Site Scripting but still they are subject of serious threat because of their consequences.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 129.00; Price excludes VAT (USA)

Softcover Book: USD 169.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

http://en.wikipedia.org/wiki/Dynamic_web_page (July 22, 2011)
http://en.wikipedia.org/wiki/Web_developer (July 22, 2011)
Imperva company, Hacker Intelligence Initiative, Monthly Trend Report #1
Google Scholar
http://en.wikipedia.org/wiki/Denial-of-service_attack (July 23, 2011)
http://php.net/manual/en/function.include.php (July 23, 2011)
http://php.net/manual/en/function.require.php (July 23, 2011)
http://www.php.net/manual/en/function.include-once.php (July 23, 2011)
http://www.php.net/manual/en/function.require-once.php (July 23, 2011)
http://en.wikipedia.org/wiki/Uniform_Resource_Locator (July 23, 2011)
http://en.wikipedia.org/wiki/Null_character (July 23, 2011)
http://www.intel.com/technology/platform-technology/hyper-threading/index.htm (July 24, 2011)
http://en.wikipedia.org/wiki/Unix (July 24, 2011)
http://en.wikipedia.org/wiki/Unix-like (July 24, 2011)
http://php.net/manual/en/function.system.php (July 24, 2011)
http://en.wikipedia.org/wiki/Cross-site_scripting (July 24, 2011)
https://www.owasp.org/index.php/SQL_Injection (July 24, 2011)

Download references

Author information

Authors and Affiliations

Institute of Informatics, Silesian Technical University, Akademicka 16, 44–100, Gliwice, Poland
Michal Hubczyk & Adam Domanski
Institute of Theoretical and Applied Informatics, Polish Academy of Sciences, Baltycka 5, 44–100, Gliwice, Poland
Joanna Domanska

Authors

Michal Hubczyk
View author publications
You can also search for this author in PubMed Google Scholar
Adam Domanski
View author publications
You can also search for this author in PubMed Google Scholar
Joanna Domanska
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Silesian University of Technology, ul. Roosevelta 16, Gliwice, 44-100, Poland
Adrian Kapczyński
, Institute of Electronics, Silesian University of Technology, Akademicka Street 16, Gliwice, 44-100, Poland
Ewaryst Tkacz
, Department of Computer Science, Academy of Business in Dabrowa Gornicza, Cieplaka 1c, Dabrowa Gornicza, 41-300, Poland
Maciej Rostanski

Rights and permissions

Reprints and permissions

Copyright information

About this chapter

Cite this chapter

Hubczyk, M., Domanski, A., Domanska, J. (2012). Local and Remote File Inclusion. In: Kapczyński, A., Tkacz, E., Rostanski, M. (eds) Internet - Technical Developments and Applications 2. Advances in Intelligent and Soft Computing, vol 118. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-25355-3_17

Download citation

DOI: https://doi.org/10.1007/978-3-642-25355-3_17
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-25354-6
Online ISBN: 978-3-642-25355-3
eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics