This challenge is about getting around filters, which might make it harder for you to exploit a script.
What url would you use as parameter if there would be a script "exploitit.php" in the "/user/www/challenges/" folder of our Linux webserver and you want to open "/user/www/index.php".
In case "exploitit.php" looks like this:
Or in case"exploitit.php" looks like this:
- This challenge is about Local File Inclusion. In the beginning I encoded the path of '../index.php' into '..%2Findex.php', but the result always told me 'Both answers are wrong!'
- Alright, since the first one script only replaces the '../' with nothing, we could input the URL like below and make it into '../index.php'.
- The second one will be more easier. Although it double checked the '../' for Local File Inclusion and the '://' for Remote File Inclusion, it opens the file directly without appending any directories. So, we could simply input the URL directly like below to achieve our goal.
- Well done!