Points: 50

Tags: miscellaneous 

Writeups

Action | Rating | Author team
Read writeup | 0 | zero-paasei
Read writeup | 5.0 | DDOS Attacks
Read writeup | 0 | ShellWarp
Read writeup | 5.0 | Root Security
notallowed1503 – June 19, 2017, 8:34 a.m.

Can you tell me how you injected the PHP code in this site?? Thanks in advance. By the way, nice writeup.


argaz – June 19, 2017, 9:56 a.m.

He didn't inject code. The vulnerability was that any existing file path that he would type into the input would be read and returned to the client.


W3ndige – June 19, 2017, 11:04 a.m.

You just have to enter paths in the input box, and from there look for common files. An example of getting to /etc/passwd would be typing ../../../../etc/passwd in the input.


argaz – June 19, 2017, 11:48 a.m.

@W3ndige you don't need to do relative paths, it would accept absolute paths like /etc/passwd fine.


W3ndige – June 19, 2017, 11:49 a.m.

@argaz - Now I know :D Thanks for the info!
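
Added example, not part of the thread or of the challenge's code: the comments above note that both the relative and the absolute form of a path were read back, so a filter that only strips "../" does not close the hole. The sketch below contrasts that weak filter with a canonicalise-then-contain check. Python, the function names and the sandbox files are assumptions made for illustration.

```python
import os
import tempfile

def naive_filter(user_input: str) -> str:
    """Weak check: strips "../" only, so an absolute path passes unchanged."""
    return user_input.replace("../", "")

def resolve_inside(base_dir: str, user_input: str):
    """Return the canonical path if it is a regular file under base_dir, else None."""
    if "\0" in user_input:
        return None
    base = os.path.realpath(base_dir)
    # os.path.join discards base when user_input is absolute, so the
    # containment test below is what stops "/etc/passwd", not the join.
    real = os.path.realpath(os.path.join(base, user_input))
    if os.path.commonpath([base, real]) != base:
        return None
    return real if os.path.isfile(real) else None

def demo():
    """Build a constructed sandbox and classify each sample input."""
    results = {}
    with tempfile.TemporaryDirectory() as root:
        base = os.path.join(root, "public")
        os.mkdir(base)
        with open(os.path.join(base, "notes.txt"), "w") as f:
            f.write("public\n")
        secret = os.path.join(root, "secret.txt")  # sits beside, not inside, base
        with open(secret, "w") as f:
            f.write("secret\n")
        samples = ["notes.txt", "../secret.txt",
                   "../../../../etc/passwd", "/etc/passwd", secret]
        for s in samples:
            key = "<abs secret>" if s == secret else s
            results[key] = "allowed" if resolve_inside(base, s) else "rejected"
    return results

if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k:28} naive={naive_filter(k):24} hardened={v}")
```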