TryThis0ne >> Challenges >> Web
TextView
Viewers: :
Quick reply
Reply
New Topic
 
CoNfi




AVATAR



Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 11




Send Email Top
Sent on: 14/10/2005, 15:30:08 Reply | Quote | Warn | Edit
hmm
really I have no idea what to do
I already got "you're on the right track"
but I have no clue
hint me please

cp77fk4r
Global Admin



AVATAR



Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 621




Send Email Top
Sent on: 14/10/2005, 18:12:05 Reply | Quote | Warn | Edit
try to think- if you can upload a *** file- how can you exploit that to see the others files on the directory?

(remember- the system is *Nix!)

CoNfi




AVATAR



Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 11




Send Email Top
Sent on: 14/10/2005, 19:10:46 Reply | Quote | Warn | Edit
bla
I can upload a *** s**ll
but only in txt cause I can't upload **
bla...let me think
cp I hate you challenges!
I have lost many hairs because of them

Edit by : CoNfi At 14/10/2005, 17:11:32

cp77fk4r
Global Admin



AVATAR



Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 621




Send Email Top
Sent on: 15/10/2005, 22:23:07 Reply | Quote | Warn | Edit
think:
1#how can you execute command on the server.
2#how can you find the other files on the directory.

hint : it's *nix server.

Edit by : cp77fk4r At 15/10/2005, 20:29:40

Minig3N




AVATAR



Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 3




Send Email Top
Sent on: 19/10/2005, 15:57:08 Reply | Quote | Warn | Edit
how can I execute commands from this page? too hard...

Edit by : Minig3N At 19/10/2005, 14:00:10

CoNfi




AVATAR



Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 11




Send Email Top
Sent on: 21/10/2005, 01:26:18 Reply | Quote | Warn | Edit
I passed this level
cp
you need to fix something there and you know what
there is a fuck.
if you have fixed the level before I was already done it

cp77fk4r
Global Admin



AVATAR



Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 621




Send Email Top
Sent on: 21/10/2005, 03:07:35 Reply | Quote | Warn | Edit
Nice,
and.. it's not a bug, and I don't fixed anything, I just updated some files on this challeng, not more.

CoNfi




AVATAR



Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 11




Send Email Top
Sent on: 21/10/2005, 12:56:28 Reply | Quote | Warn | Edit
I'll pm the problem (if it's a problem :\)

cp77fk4r
Global Admin



AVATAR



Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 621




Send Email Top
Sent on: 21/10/2005, 14:00:54 Reply | Quote | Warn | Edit
It's not a bug :)

K32.nix




AVATAR



Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 78




Send Email Top
Sent on: 06/03/2009, 15:45:13 Reply | Quote | Warn | Edit
Warning: file_get_contents();exec(1.txt) [function.file-get-contents]: failed to open stream: No such file or directory in D:\webppliance\conf\domains\trythis0necom\Inetpub\wwwroot\levels\web-challanges\Textv\View.php on line 11

i know that i must run this file i inserted the command for listing files, and the first line of a shell file. But how do i run it?? =/
thanks

cp77fk4r
Global Admin



AVATAR



Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 621




Send Email Top
Sent on: 06/03/2009, 16:24:28 Reply | Quote | Warn | Edit
it's cuz you try to open the "1.txt.txt" file - in file name you need to open "1".

K32.nix




AVATAR



Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 78




Send Email Top
Sent on: 08/03/2009, 01:09:31 Reply | Quote | Warn | Edit
but the problem is how to avoid the .txt extension. i tried to change the disabled box, but id didn't work. =/

K32.nix




AVATAR



Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 78




Send Email Top
Sent on: 09/03/2009, 00:52:13 Reply | Quote | Warn | Edit
what should i learn to pass this protection?
hint?

cp77fk4r
Global Admin



AVATAR



Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 621




Send Email Top
Sent on: 09/03/2009, 02:34:48 Reply | Quote | Warn | Edit
LFI?

K32.nix




AVATAR



Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 78




Send Email Top
Sent on: 09/03/2009, 07:53:07 Reply | Quote | Warn | Edit
What the hell is this? hehehehe i'm really lost in this one. =P

cp77fk4r
Global Admin



AVATAR



Registerd on: 01/01/1970, 04:00:00
Location::
Posts: 621




Send Email Top
Sent on: 09/03/2009, 08:04:16 Reply | Quote | Warn | Edit
Google it, LFI and Form Manipulation..

All the times are GMT+2, ISRAEL
TryThis0ne >> Challenges >> Web

Page: 1, 2
Quick reply
Reply
New Topic


Page generated using: 12 queries
Design by SBD © GeHeNoM.Net | Powered By Tera-Byte Forums 1.5 © JonJon & HLL
ý