all InfoSec news
Solving the Skills Assessment: File Inclusion and Log Poisoning
Aug. 12, 2023, 10:57 a.m. | Ahmet Talha Şen
System Weakness - Medium systemweakness.com
Introduction
CTF challenges are designed to test your skills in various aspects of cyber security, and this particular challenge focuses on exploiting File Inclusion vulnerabilities along with Log Poisoning. We’ll use techniques like Local File Inclusion (LFI) to achieve remote code execution and eventually discover the flag.
Step 1: Identifying the Vulnerability
Upon accessing the web application, we observe that it takes a parameter called “page” in the URL.
We attempt to test for Local …
ctf cybersecurity hackthebox hackthebox-walkthrough hackthebox-writeup
More from systemweakness.com / System Weakness - Medium
Jobs in InfoSec / Cybersecurity
Technical Product Manager, Electronic Warfare - Active Clearance
@ Anduril | Costa Mesa, California, United States
Specialist Operations and Support/ Entry Professional - IT Security, Cyber Security & Governance
@ Norsk Hydro | Jaipur, IN
Embedded Software Engineer, Electronic Warfare
@ Anduril | Costa Mesa, California, United States
Cyber Security Analyst
@ Peraton | Chantilly, VA, United States
Principal Consultant, Proactive Security - Unit 42
@ Palo Alto Networks | Sydney, Australia
Penetration Tester Consultant
@ RSI Security | United States - Remote