Questions and Answers

How do I collect points?

  • +5
    Chosen as best answer
  • +1
    Posted answer
  • +1
    Posted question
  • +1
    Thumb up
  • -1
    Thumb down
9

by MRNCT in Challenge Help about July 27, 2016 closed - report

Local File Inclusion(LFI) (again)

 Well I still can't get the Challenge: Basic 30

I've asked for some tips soem time ago. I read all articles I could find in the 'normal' web(google)

I've also read the resources on this page.

Stuff like this did NOT work!

- avoid LFI fixes like replacing "../" with " " --> "....//" what remains is "../" = didn't work(even if in the resources was written I should take care because this could be used in one of their challenges).

- URL encoding " index.php%3Ffile%3Detc%2fpasswd%2500 "

- Simply everything I could find on the internet.

 

The page just stays the same, it doesn't show any error or so.

 

I'm about to give up because im stuck at this one challenge for months right now. It would be a pleasure if someone could tell me what to do. I accept being a moron if it's a really easy solution.

Answer: 1 • Score 0 • Views: 1588
Browse by
  • 6

    by xeroOG about July 27, 2016 Best answer

    Okay so first let's take a look at the error message again.

    Warning: main(pages/$page): failed to open stream: No such file or directory in /home/enigmagroup/public_html/challenges/basics/vm/1/index.php on line 14

     

    Error messages like this give away some important information like the directory structure. It looks like it expects there to be some variable called $page and it interprets it as a file in the directory `pages`. Do we have any control over the contents of the $page variable? We should investigate that.

     

    Secondly, I see you're trying to check out /etc/passwd. While that's a likely target, it's outside of the scope of this particular challenge. Notice the login page? In case you didn't know, that kind of password prompt is a commonly enforced by Basic HTTP Authentication. Look up where a directory protected by Basic Auth might store the log in information (hint: it's not in /etc/passwd).

    • Score: 0
Question was closed.