all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Solving the Skills Assessment: File Inclusion and Log Poisoning

Add to bookmarks
Aug. 12, 2023, 10:57 a.m. | Ahmet Talha Şen

System Weakness - Medium systemweakness.com

Created by Lexica.art

Introduction

CTF challenges are designed to test your skills in various aspects of cyber security, and this particular challenge focuses on exploiting File Inclusion vulnerabilities along with Log Poisoning. We’ll use techniques like Local File Inclusion (LFI) to achieve remote code execution and eventually discover the flag.

Step 1: Identifying the Vulnerability

Upon accessing the web application, we observe that it takes a parameter called “page” in the URL.

We attempt to test for Local …

ctf cybersecurity hackthebox hackthebox-walkthrough hackthebox-writeup

Visit resource

More from systemweakness.com / System Weakness - Medium

Hosting Websites In DARKWEB 21 hours ago | systemweakness.com
darkweb hacking hostin tor +1
Hack Smarter Security | TryHackMe Write-up 21 hours ago | systemweakness.com
ctf ctf-writeup tryhackme tryhackme-walkthrough +1
Termux: List Of Basic Commands 21 hours ago | systemweakness.com
android basic beginners can +12
3 easiest bugs that you can find right now [guarantied] 21 hours ago | systemweakness.com
bug bounty bug-bounty-tips cybersecurity hacking +1
Navigating Your Network: A Guide to Port Forwarding, SSH Tunneling, and Pivoting 21 hours ago | systemweakness.com
cybersecurity linux pivoting port forwarding +1
New Cuttlefish malware infects all devices to steal credentials 21 hours ago | systemweakness.com
authentication clicks computer science credentials +23
Buider HTB Write-up 21 hours ago | systemweakness.com
ctf-writeup hacking hackthebox-writeup infosec-write-ups +1
Devvortex Write-Up 21 hours ago | systemweakness.com
ctf-writeup hacking hackthebox-writeup info-sec-writeups +1
Beware: ‘Brokewell’ Malware Threatens Banking Security 21 hours ago | systemweakness.com
android android users banking banking security +12

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Technical Product Manager, Electronic Warfare - Active Clearance

@ Anduril | Costa Mesa, California, United States
View on infosec-jobs.com

Specialist Operations and Support/ Entry Professional - IT Security, Cyber Security & Governance

@ Norsk Hydro | Jaipur, IN
View on infosec-jobs.com

Embedded Software Engineer, Electronic Warfare

@ Anduril | Costa Mesa, California, United States
View on infosec-jobs.com

Cyber Security Analyst

@ Peraton | Chantilly, VA, United States
View on infosec-jobs.com

Principal Consultant, Proactive Security - Unit 42

@ Palo Alto Networks | Sydney, Australia
View on infosec-jobs.com

Penetration Tester Consultant

@ RSI Security | United States - Remote
View on infosec-jobs.com
View more jobs