+ | Some readme flags

RedShip
2025-04-08 17:18:25 +02:00
parent 6d60ef316c
commit 30b2ba0738
6 changed files with 107 additions and 0 deletions

LFI/README.md Normal file

@ -0,0 +1,14 @@
# Local File Inclusion to Get the Flag
## How We Found It
There was a Local File Inclusion (LFI) vulnerability in the `page` parameter. By messing with the URL and using a bunch of `../`, we can directly go at the root
of the machine and manage to access `/etc/passwd`.
The flag was hidden in that file and popped up in an alert when we accessed it with the payload:
```
http://10.12.248.148/?page=../../../../../../../../../../../../../../../../../../../../etc/passwd`
```
## Utility of It
LFI is actually a serious vulnerability in real-world applications. It can let attackers read sensitive files on the server (like config files, database credentials, or even source code), and sometimes it can be chained with other exploits to get full system access.
## How Can We Patch It
Make sure to sanitize user input and avoid directly including files based on URL parameters. Only allow expected, whitelisted files to be loaded.
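Review bot: the payload URL in the fenced block under "How We Found It" ends with a stray backtick after `/etc/passwd`, so anyone copying the line gets a different request than the one described; drop the trailing backtick. In "How Can We Patch It", "sanitize user input" is too vague to act on: say concretely that the `page` value should be looked up in a fixed list of allowed page names, or that the resolved path must be checked to stay inside the pages directory before it is included, since filtering `../` sequences alone is easy to get wrong. Minor wording: "directly go at the root of the machine" should read "go straight to the root of the filesystem", and the sentence is split across two lines mid-phrase.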

LFI/flag Normal file

@ -0,0 +1 @@
b12c4b2cb8094750ae121a676269aa9e2872d07c06e429d25a63196ec1c8c1d0
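Review bot: nothing in LFI/README.md mentions this file or says how the 64-character value relates to what the alert displayed, so a reader cannot tell whether it is the raw flag or something derived from it. Add a line to the README stating that the flag is stored in `LFI/flag` and, if any transformation was applied to the alert text, what it was.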