Username: 
Password: 
Restrict session to IP 

Half way  Go to the Training: PHP LFI challenge

Global Rank: 8491
Totalscore: 882
Posts: 1
Thanks: 0
UpVotes: 0
Registered: 12y 280d
Last Seen: 12y 214d
The User is Offline
Half way
Google/translate0Thank You!0Good Post!0Bad Post! link
Hey there

I'm new to this all, but want to learn it all Smile

Now i'm strugeling with this challenge.

I'm half way (i think)
i can delete the suffix, because .html is not what a i need.
but i cant delete the prefix and again, pages/ is not what is need

But i really do not know how i can delete that prefix from beeing loading.


am i solving this in the good way or am i totally lost?
Global Rank: 227
Totalscore: 94363
Posts: 1680
Thanks: 1358
UpVotes: 920
Registered: 16y 290d




Last Seen: 5d 16h
The User is Offline
RE: Half way
Google/translate0Thank You!0Good Post!0Bad Post! link
It sounds like you are on a good track.
You can walk up in the file system with "directory traversel".
Chopping off the .html is simulated because this got fixed in PHP, but the technique is obvious and well known.

Cheers \o
gizmore
The geeks shall inherit the properties and methods of object earth.
Redknee, ic3sn0w, tunelko, silenttrack, n0tHappy, nonfungiblesecurity, quangntenemy, TheHiveMind, Z, balicocat, Ge0, samuraiblanco, arraez, jcquinterov, hophuocthinh, alfamen2, burhanudinn123, Ben_Dover, stephanduran89, braddie0, SwolloW, dangarbri, csuquvq have subscribed to this thread and receive emails on new posts.
1 people are watching the thread at the moment.
This thread has been viewed 15131 times.