PHP

Arbitrary file read through basic Local File Inclusion

by Brumens
drag_indicator
info
drag_indicator
inputs
drag_indicator
inspect

Arbitrary file read through basic Local File Inclusion

Include a file that allows you to read it. The flag is a step outside the pages folder.

Hints

Hint #1
expand_more

The vulnerable application is not filtering your input, and the flag is outside the pages folder how can you go one step backwards?

Hint #2
expand_more

Use a path traversal attack!

Solution

Read the solution
expand_more

Payload :

../flag.txt

Example read /etc/passwd file :

../../../etc/passwd
drag_indicator
waf
INPUT
OUTPUT
drag_indicator
code
drag_indicator
result