webProeasy

Portfolio (Red Portfolio)

hackerlab

Task: PHP portfolio application with user profiles stored as files. Solution: Path traversal via username parameter (../../fl4g) to read flag file outside web root.

$ ls tags/ techniques/
lfipath_traversalfile_readphpdirectory_traversalunsanitized_input
Path Traversal via username parameterArbitrary file read through profile mechanism
πŸ”’

Permission denied (requires tier.pro)

Sign in to access full writeups

Sign in with GitHub to continue. No email required.

$sign in

$ grep --similar

Similar writeups