Exploitation of PDF Generation Vulnerabilities

userb1ank · January 26, 2024, 9:20am

I found the endpoint, but I can’t read the txt file. Is http protocal not suitable for it?
my payload
<iframe src=http://127.0.0.1:8080/users/adminkey.txt width=1000 height=2000></iframe>

LordAdel · January 30, 2024, 3:02am

Okk , I just figured out how to get the benefits of this endpoint.

use “file” protocol to read the files via LFI vulnerability.

good luck

gizmoe380 · February 19, 2024, 11:09pm

you’re the best bro thank you so much!

Subhashshetty · September 13, 2024, 10:30am

Hi can you please explain the step here

dinosec · October 18, 2024, 11:31pm

hi, can you explain how did you found this file, please?

Topic		Replies	Views
Official PDFy Discussion Challenges	43	5761	September 8, 2024
Skills Assessment - File Inclusion Academy	3	1099	August 16, 2023
API Attacks - Server Side Request Forgery Academy	3	244	December 28, 2024
Beginner Here. Need help with an LFI/RFI vuln. Machines rfi , lfi , academy , directory-traversal	0	1006	January 8, 2021
LFI Directory Traversal Final Assessment Academy Tools	7	2127	March 25, 2024

Exploitation of PDF Generation Vulnerabilities

Related topics