Questions and Answers

How do I collect points?

  • +5
    Chosen as best answer
  • +1
    Posted answer
  • +1
    Posted question
  • +1
    Thumb up
  • -1
    Thumb down

by DrJava in Challenge Help about September 3, 2016 closed - report

Basic 30 (LFI)

Ok, so I figured out where to put the LFI, and what the file is:


My question is:

1. Do I need a . in front of h*pa***d

2. How do I figure out how many ../ to put in?


Thanks in advance.

Answers: 3 • Score 0 • Views: 1835
Browse by
  • 97

    by ccccombobreaker about September 4, 2016 Best answer

    i think he knows where he has to write that...

    think of this: "../" basicly means "parent directory" (in here are the pages, that get included)

    so index.php and the directory pages/ are in dirictory 2, dir2 is in dir1...

    index.php?page=../ now you are in dir2 (because you just got out of the dir "pages")

    index.php?page=../../ now you are in dir1 (because you just got out of the dir "dir2")

    now you need to know where the ".h******d" file is located (you're on the wrong way with /e**/.h******d), it's in the directory the admin wants to protect with a password ;)

    NOW you should try LFI :D

  • 9

    by MLGChris333 about September 4, 2016

    Yep. /e**/ blah blah is not where the password is stored, Same with .hta*****

    • Score: 0
  • 9

    by MLGChris333 about September 4, 2016

    First hint. Yes you need a dot and secondly, think about where the file is stored. e.g:<something goes here ;)>


    Think ;)

Question was closed.