would that grant reverse access to your local drive while you had your script running?
The reason I ask, is because I was trying an RFI in a few different places, and right after trying it on a particular page, my webcam turned on. My script definitely doesn't have anything to do with webcams. And I did open it or anything. It kinda spooked me.
Posts: 165 Location: Your Computer Joined: 12.12.07 Rank: God
Posted on 21-04-14 16:14
Beware of honeypots! Your RFI could have reverse affects in such that you executed a exploit that, without fully knowing, could be uploading the script that is being injected. This in return letting you exploit yourself to the so called "victim". If I was a malicious hacker I would do the following:
Create a honeypot to allow you to exploit my so called website. Allow you to use "RFI" and really be uploading the shell and gathering your info at the same time, thus using your exploit against you.
Since you have this locally, so bad by the way, and you do not fully understand the shell in which you are using you are basically telling the real attacker "Hey here I am, and go ahead and do what you will to my computer!"
The philosophy of one century is the common sense of the next. -Fortune Cookie
I would like to thank a few friends that I have made here that helped me and deserve to be mentioned:
System_Meltdown, Futility, nvrlivenvrdie, Mastergamer, TrueHacker, S1L3NTKn1GhT, Reelix, ynori7, Demons Halo, kryptor
Mordak, my long lost brother from across the pond!
Hellbound Hackers is the collective work of the staff and the community and is therefore licensed under the CC BY-NC-SA license.