swisskyrepo
/
swisskyrepo.github.io
mirror of https://github.com/swisskyrepo/swisskyrepo.github.io.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Bugfix : Clean Path in Goldfish

pull/1/head
Swissky 2017-11-07 15:17:08 +01:00
parent e4a6aeda85
commit 269d2b3b90
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
_posts/2017-11-7-ECW-CTF.md
View File

@ -157,8 +157,8 @@ I waited hours and hours, nothing happened..
Then I try to fuzz a little bit the "name" field since we could "rewrite" the URL. I finally managed to find an LFI with the source code reflected in the dashboard inside the memo. Thanks to this we could extract all the source code of the WebApp
{% highlight php%}
../../././././././././././././././././././index.php
../../././././././././././././././././././include/session.php
../../index.php
../../include/session.php
function checkCookie()
{
$user = null;
@ -179,7 +179,7 @@ function checkCookie()
}
}
../../././././././././././././././././././include/config.php
../../include/config.php
$db_name = 'web150';
$db_login = 'web150';
$db_pass = 'Hell0Challenger!';