
[ROOT-ME] FILE UPLOAD - ZIP WRITEUP

Personal blog address

http://www.darkerbox.com


Welcome everyone to learn and communicate

Root-me URL:

https://www.root-me.org/fr/Challenges/Web-Serveur/File-upload-ZIP


Title description:

> Your goal is to read index.php file.

Knowledge points

 * zip file upload

The challenge is a zip file upload: after upload, the server decompresses the zip file.

I wrote a file 2.php and compressed it to 2.zip.

Upload. It was decompressed.

Direct access reports 403, because php files cannot be accessed; only txt/jpg can be accessed.

Create a soft link in Kali, and then use the zip command to compress the
symbolic link file. Why ../../../index.php? Because the upload and
decompression directory is three levels below the index.php directory.

    ln -s ../../../index.php index.txt
    zip --symlinks index.zip index.txt


Click to upload. I found that the size of index.txt is relatively large; click
index.txt to get the index.php code.

Welcome everyone to learn and exchange together, make progress together, welcome
to join the information security group