LFD - Local File Disclosure

Prince

Introduction:
LFD stands for Local File Disclosure. Through LFD an attacker can read the raw source code of PHP files, which the web server would normally execute rather than serve, and pull sensitive data out of them, such as backend database logins. Unlike Local File Inclusion (LFI), the file is not executed: it is handed back to the client as-is, so the attacker sees the source, not its output.

Dorks:

Code:


Vulnerable Code:

Code:

As you can see in the above code, user input is passed directly to readfile() without any filtering. readfile() reads whatever path it is given, so the same parameter that is meant to hand out downloads will also hand out PHP sources.
Let's try to fetch a PHP file through it (the download script itself is a good first target, since we already know it exists):



If it is vulnerable, the browser will show a download box for the file. Open the downloaded file: it will contain the PHP source code.
Now search that source for include() or require() calls, because they name other server-side files we can request next. Suppose we find something like:

include('config.php');

Next we request config.php through the same parameter:



You will get the database logins in that file.
If not, look into the other included files the same way; anything the script reads relative to its own directory (config, settings, connection helpers) is reachable through the same parameter.

Eliminating LFD:

Put all downloadable files in a dedicated directory and keep an array of the file names that are allowed to be downloaded. Check the user-requested name against this array; if the name is in the array, send that file from the download directory, otherwise refuse the request. Compare the exact file name (not a substring, and not just "does it contain ../"), because path tricks and alternative encodings get past blacklist-style filters, while an allowlist never touches the disk for anything it does not already know about.

Code:
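The post's own code is login-gated above, so the following is an added example written for this page, not the original poster's code. It recreates the readfile() handler as described in the "Vulnerable Code" section, the allowlist fix from "Eliminating LFD", and the download.php -> include() -> config.php walk-through, all run locally against a constructed temporary directory so it works offline. The file names (download.php, config.php, files/report.pdf), the file parameter and the fake credentials are assumptions for the demo; it needs PHP 8 for the union return types.

```php
<?php
// Added example; not the original post's code. Recreates the LFD pattern
// described above against a throw-away temp directory so it runs offline:
//   php lfd_demo.php
// Assumptions: the handler is download.php taking ?file=, the included config
// is config.php, the legitimate download is files/report.pdf, and the
// credentials are fake. Needs PHP 8 (union return types).
declare(strict_types=1);

// --- constructed sample web root -------------------------------------------
$root = sys_get_temp_dir() . '/lfd_demo_' . getmypid();
mkdir($root . '/files', 0700, true);

// The vulnerable handler as the post describes it: $_GET['file'] goes straight
// into readfile() with no filtering. Stored as a nowdoc so it is written to a
// file, not executed.
$vulnerableSource = <<<'PHP'
<?php
include('config.php');
$file = $_GET['file'];
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="' . basename($file) . '"');
readfile($file);
PHP;
file_put_contents("$root/download.php", $vulnerableSource);
file_put_contents("$root/config.php",
    "<?php\n\$db_user = 'app';\n\$db_pass = 'fake-password-for-demo';\n");
file_put_contents("$root/files/report.pdf", "%PDF-1.4 constructed sample\n");

// What the vulnerable script would send back for a given ?file= value: the
// raw bytes readfile() emits, resolved relative to the script's directory.
function vulnerable_download(string $root, string $file): string|false
{
    $prev = getcwd();
    chdir($root);
    ob_start();
    $bytes = @readfile($file);          // any readable path is served as-is
    $out = ob_get_clean();
    chdir($prev);
    return $bytes === false ? false : $out;
}

// The fix from the post: a dedicated download directory plus an allowlist of
// file names; the request is served only if the exact name is in the list.
const DOWNLOAD_DIR = 'files';
const ALLOWED_FILES = ['report.pdf'];

function safe_download(string $root, string $file): string|false
{
    // strict comparison against the allowlist: no "../", no .php sources
    if (!in_array($file, ALLOWED_FILES, true)) {
        return false;
    }
    $path = $root . '/' . DOWNLOAD_DIR . '/' . $file;
    return is_file($path) ? file_get_contents($path) : false;
}

// --- the walk-through from the post, against the vulnerable handler --------
// 1. Ask the handler for its own source instead of a download.
$src = vulnerable_download($root, 'download.php');
echo "download.php source:\n$src\n";

// 2. Look through that source for include()/require() targets.
preg_match_all('/\b(?:include|require)(?:_once)?\s*\(?\s*[\'"]([^\'"]+)[\'"]/', $src, $m);
echo 'Included files: ' . implode(', ', $m[1]) . "\n\n";

// 3. Pull each included file; config.php carries the database logins.
foreach ($m[1] as $inc) {
    echo "$inc:\n" . vulnerable_download($root, $inc) . "\n";
}

// --- the same requests against the hardened handler -----------------------
foreach (['download.php', 'config.php', '../config.php', 'files/../config.php'] as $probe) {
    if (safe_download($root, $probe) !== false) {
        throw new RuntimeException("hardened handler leaked $probe");
    }
}
echo "Hardened handler refused every PHP source; report.pdf still works:\n";
echo safe_download($root, 'report.pdf');

// cleanup
foreach (["$root/download.php", "$root/config.php", "$root/files/report.pdf"] as $f) {
    unlink($f);
}
rmdir("$root/files");
rmdir($root);
```

The third argument of in_array() (strict comparison) matters: without it PHP's loose comparison can match values you did not intend, and a numeric-looking request could be treated as equal to an unrelated entry. Keeping the allowlist as exact file names rather than patterns is what makes the check trivial to reason about.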
 