RFI Vulnerability Scanner

Remote file inclusion (RFI) vulnerabilities are critical security issues within web applications since successful exploitation of such a vulnerability may lead to remote code execution (RCE). An RFI vulnerability allows an attacker to remotely include a file hosted on a malicious web server. Once successfully carrying out their RFI attack, the attacker would typically try to obtain a reverse shell which provides them with a command line session where arbitrary commands can be executed. RFI vulnerabilities are usually not difficult to fix, but finding them in large codebases could be challenging without the right tools. Acunetix is a web application vulnerability scanner which, in addition to RFI, can test for LFI vulnerabilities and other file inclusion bugs, as well as Cross-site Scripting (XSS), SQL Injection (SQLi), and thousands of other vulnerabilities and misconfigurations.

The Acunetix RFI scanner tests for both local file inclusion (LFI) and remote file inclusion (RFI). While many file inclusion vulnerability scanners can find low-hanging file inclusion, Acunetix goes well beyond the basics thanks to its advanced crawler and JavaScript engine called DeepScan. Thanks to DeepScan, Acunetix also has full support for modern single page applications (SPAs) and can understand and fully test applications that rely on JavaScript frameworks.

In addition to being a fully automated black box scanner (no knowledge of back end code), Acunetix also provides AcuSensor as part of its standard offering. AcuSensor is a an optional sensor for Java, ASP.NET, and PHP applications that can easily be deployed on the application backend to analyse source code while it is in execution by the scanner, giving even more accurate results and even fewer false positives.

Frequently asked questions

What is the best way to discover RFI vulnerabilities?

The best way to discover and then eliminate RFI vulnerabilities (remote file inclusion) is by using a vulnerability scanner. Web application firewalls (WAF) do not help you discover or prevent vulnerabilities, just make it difficult (but not impossible) for attackers to exploit them. With a vulnerability scanner, you can quickly identify and then eliminate all your vulnerabilities.

Learn more about the Acunetix vulnerability scanner.

How dangerous are RFI vulnerabilities?

RFI vulnerabilities are very dangerous. If an attacker can include a remote file, they can potentially establish complete control over the web server. If the web server has other vulnerabilities, the attacker may propagate the attack to your other systems. RFI is also commonly used in conjunction with many other techniques, for example, phishing.

Read how attackers are using RFI in dangerous phishing campaigns.

How to eliminate and prevent RFI vulnerabilities?

Once you use Acunetix to detect an RFI vulnerability, you can eliminate it by modifying the application code so that you do not include any files based on user input. If this is not possible, you must maintain a whitelist of files that can be included.

What other vulnerabilities can Acunetix detect?

Acunetix can not only detect all web vulnerabilities (for example, SQLi, XSS, CSRF, SSRF, LFI, RCE, and many more) but also integrates with a network scanner, so you can scan for network vulnerabilities. Acunetix is not just a simple scanner, it also has a full set of vulnerability assessment and vulnerability management features. It also integrates with many issue tracking tools, CI/CD, and other software.

Request a demo of Acunetix to see how it can help you.